Solved

Power Shell - Active Directory -  Pulling local groups from multiple servers

Posted on 2012-03-18
5
552 Views
Last Modified: 2012-06-27
Hi EE

Anyone have a way with Power Shell to pull the members of the Administrators group ?

Get-Content Servers.txt | ???? or some other way ?

I want to put the server names in the text file and have power shell pull all the members of the Administrators group .
0
Comment
Question by:MilesLogan
  • 2
  • 2
5 Comments
 
LVL 12

Expert Comment

by:prashanthd
Comment Utility
Copy following code to .ps1 file and execute.
This will take input from servers.txt and write to output.txt

$list=get-content servers.txt
foreach ($strcomputer in $list){
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$strcomputer
$Group = $computer.psbase.children.find("Administrators")
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}

	ForEach($user in $members)
	{
	$a = $strComputer + "," + $user.ToString()
	$a | Out-File output.txt -Append
	}
}

Open in new window

0
 
LVL 12

Expert Comment

by:Navdeep
Comment Utility
Hi,

This is what you are looking for. These are powershell scripts.

http://poshcode.org/544
http://powershell.com/cs/media/p/3215.aspx

You would need to modify the code a bit to suit your needs.

Regards,
Navdeep [v-2nas]
0
 
LVL 2

Author Comment

by:MilesLogan
Comment Utility
prashanthd

Thank you for the help .. this does output what I am looking for ...but
Is there a way for the output file to show if the accounts are local to that machine or domain accounts ?
0
 
LVL 12

Accepted Solution

by:
prashanthd earned 500 total points
Comment Utility
Try the following

$list=get-content servers.txt
foreach ($strcomputer in $list){
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$strcomputer
$Group = $computer.psbase.children.find("Administrators")
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("adspath", 'GetProperty', $null, $_, $null)}

	ForEach($user in $members)
	{
	$username=$user.ToString()
	$username=$username.replace("WinNT://","")
	if ($username.contains("$strcomputer/")){
		$a = $strComputer + "," + $username +",Local User"
	}
	else{
	$a = $strComputer + "," + $username +",Domain User"
	}

	$a | Out-File output.txt -Append
	}
}
         

Open in new window

0
 
LVL 2

Author Closing Comment

by:MilesLogan
Comment Utility
This worked perfect .. thanks !
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This article will help you understand what HashTables are and how to use them in PowerShell.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now