Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Power Shell - Active Directory -  Pulling local groups from multiple servers

Posted on 2012-03-18
5
Medium Priority
?
562 Views
Last Modified: 2012-06-27
Hi EE

Anyone have a way with Power Shell to pull the members of the Administrators group ?

Get-Content Servers.txt | ???? or some other way ?

I want to put the server names in the text file and have power shell pull all the members of the Administrators group .
0
Comment
Question by:MilesLogan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 12

Expert Comment

by:prashanthd
ID: 37736027
Copy following code to .ps1 file and execute.
This will take input from servers.txt and write to output.txt

$list=get-content servers.txt
foreach ($strcomputer in $list){
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$strcomputer
$Group = $computer.psbase.children.find("Administrators")
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}

	ForEach($user in $members)
	{
	$a = $strComputer + "," + $user.ToString()
	$a | Out-File output.txt -Append
	}
}

Open in new window

0
 
LVL 12

Expert Comment

by:Navdeep
ID: 37736031
Hi,

This is what you are looking for. These are powershell scripts.

http://poshcode.org/544
http://powershell.com/cs/media/p/3215.aspx

You would need to modify the code a bit to suit your needs.

Regards,
Navdeep [v-2nas]
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 37743071
prashanthd

Thank you for the help .. this does output what I am looking for ...but
Is there a way for the output file to show if the accounts are local to that machine or domain accounts ?
0
 
LVL 12

Accepted Solution

by:
prashanthd earned 2000 total points
ID: 37752321
Try the following

$list=get-content servers.txt
foreach ($strcomputer in $list){
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$strcomputer
$Group = $computer.psbase.children.find("Administrators")
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("adspath", 'GetProperty', $null, $_, $null)}

	ForEach($user in $members)
	{
	$username=$user.ToString()
	$username=$username.replace("WinNT://","")
	if ($username.contains("$strcomputer/")){
		$a = $strComputer + "," + $username +",Local User"
	}
	else{
	$a = $strComputer + "," + $username +",Domain User"
	}

	$a | Out-File output.txt -Append
	}
}
         

Open in new window

0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 37761340
This worked perfect .. thanks !
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question