Retrieve administrator right and software installed on the domain workstation

Posted on 2012-09-20
Last Modified: 2012-09-23
Is it possible to use Powershell or VBscript to scan all domain workstations and list out which users has the local domain right , together with the software installed on their workstations ?

Question by:AXISHK
    LVL 39

    Expert Comment

    by:Krzysztof Pytko
    You can try using these scripts

    Local administrators

    Installed software

    for more advanced help, please wait for PowerShell experts


    Author Comment

    I have put the following under c:\get-localadministrators.ps1 and then run it.  I have open a powershell and execute the following :
    c:\get-localadministrators -computername mydomain-computer01

    However, no result is display. Any idea ??

    function get-localadministrators {
        param ([string]$computername=$env:computername)

        $computername = $computername.toupper()
        $ADMINS = get-wmiobject -computername $computername -query "select * from win32_groupuser where GroupComponent=""Win32_Group.Domain='$computername',Name='administrators'""" | % {$_.partcomponent}

        foreach ($ADMIN in $ADMINS) {
                    $admin = $admin.replace("\\$computername\root\cimv2:Win32_UserAccount.Domain=","") # trims the results for a user
                    $admin = $admin.replace("\\$computername\root\cimv2:Win32_Group.Domain=","") # trims the results for a group
                    $admin = $admin.replace('",Name="',"\")
                    $admin = $admin.REPLACE("""","")#strips the last "

                    $objOutput = New-Object PSObject -Property @{
                        Machinename = $computername
                        Fullname = ($admin)
                        DomainName  =$admin.split("\")[0]
                        UserName = $admin.split("\")[1]
                    }#end object

        }#end for

        return $objreport
    }#end function
    LVL 39

    Expert Comment

    by:Krzysztof Pytko
    Because you cannot specify computer name. It is taken from system variable $env:computername

    To use it with different name, you need to change code a little bit.

    And to that script, you need to add one more line at the end


    Then run script again


    Author Comment

    It works but I have a question,

    get-localadministrators is a self -defined script and I suppose  $computername will accept my passing parameter, ie. mydomain-computer01

    But why do I need to include a call to itself at the end of the line.

    LVL 39

    Accepted Solution

    This is self-defined function, so you need to run it at the end.

    In example: Get-ADUser is Windows AD PowerShell cmd-let predefined by Microsoft, you need to run it to get data. The same with this one. You need to run get-localadministrators but it won't be recognized, so that's why you need to predefined function before you can use it

    Yes, you're right, you can use another computer name but you have to replace this piece of code from
    param ([string]$computername=$env:computername)
    param ([string]$computername=$computerNameVariable)

    where $computerNameVariable is taken from other part of your script (Import-CSV or Get-Content)


    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
    New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
    This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
    This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now