Solved

Power Shell - Active Directory -  Pulling local groups from multiple servers

Posted on 2012-03-18
5
555 Views
Last Modified: 2012-06-27
Hi EE

Anyone have a way with Power Shell to pull the members of the Administrators group ?

Get-Content Servers.txt | ???? or some other way ?

I want to put the server names in the text file and have power shell pull all the members of the Administrators group .
0
Comment
Question by:MilesLogan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 12

Expert Comment

by:prashanthd
ID: 37736027
Copy following code to .ps1 file and execute.
This will take input from servers.txt and write to output.txt

$list=get-content servers.txt
foreach ($strcomputer in $list){
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$strcomputer
$Group = $computer.psbase.children.find("Administrators")
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}

	ForEach($user in $members)
	{
	$a = $strComputer + "," + $user.ToString()
	$a | Out-File output.txt -Append
	}
}

Open in new window

0
 
LVL 12

Expert Comment

by:Navdeep
ID: 37736031
Hi,

This is what you are looking for. These are powershell scripts.

http://poshcode.org/544
http://powershell.com/cs/media/p/3215.aspx

You would need to modify the code a bit to suit your needs.

Regards,
Navdeep [v-2nas]
0
 
LVL 2

Author Comment

by:MilesLogan
ID: 37743071
prashanthd

Thank you for the help .. this does output what I am looking for ...but
Is there a way for the output file to show if the accounts are local to that machine or domain accounts ?
0
 
LVL 12

Accepted Solution

by:
prashanthd earned 500 total points
ID: 37752321
Try the following

$list=get-content servers.txt
foreach ($strcomputer in $list){
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$strcomputer
$Group = $computer.psbase.children.find("Administrators")
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("adspath", 'GetProperty', $null, $_, $null)}

	ForEach($user in $members)
	{
	$username=$user.ToString()
	$username=$username.replace("WinNT://","")
	if ($username.contains("$strcomputer/")){
		$a = $strComputer + "," + $username +",Local User"
	}
	else{
	$a = $strComputer + "," + $username +",Domain User"
	}

	$a | Out-File output.txt -Append
	}
}
         

Open in new window

0
 
LVL 2

Author Closing Comment

by:MilesLogan
ID: 37761340
This worked perfect .. thanks !
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question