Output local administrators from multiple servers - Output file

MilesLogan
MilesLogan used Ask the Experts™
on
Hi All

I have the script below that an EEE helped me create but I wanted to see if we can tweak it a bit with the output file .

I attached a sample of the output file , lines 2,4,6 are for local accounts on this server .. can someone help me change the output file so that local accounts do not have the domain information?  local accounts show " MYLAB/ " which is the domain name. The data just seems a bit confusing since these are local accounts so the line should not include the domain name ..  id rather the output does not show the domain name for local accounts .

also , can the parent column show the word Local for local accounts and MYLAB for the domain accounts/groups or does it have to show " WinNT:// " ?

This is the script I am using.
function get-localusers {
        param(
    [Parameter(Mandatory=$true,valuefrompipeline=$true)]
    [string]$strComputer)
    begin {}
    Process {
      $Select = "Name","Class","Parent" | %{  
        Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"  
      }
      If (Test-Connection $strComputer -Count 2 -Quiet){
            try{
        $adminlist =""
        $computer = [ADSI]("WinNT://" + $strComputer + ",computer")
        $AdminGroup = $computer.psbase.children.find("Administrators")
        $Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
              foreach ($admin in $Adminmembers) {
              $admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent) -replace "WinNT://")\$($_.Name)"}},Class,Parent
                  }                              }
            catch
            { "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent}
            }
      Else {


            "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent

        }
     }
end {}
}

Get-Content "C:\Powershell\Servers.txt" | get-localusers | Select ComputerName,Administrators,Class,Parent | Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI 

Open in new window

Output file attached:Output sample
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Qlemo"Batchelor", Developer and EE Topic Advisor
Top Expert 2015
Commented:
Not how I would write it (a lot left to improve), but fulfilling the purpose:
function get-localusers {
param(
  [Parameter(Mandatory=$true,valuefrompipeline=$true)]
  [string]$strComputer
)
  Process {
    $Select = "Name","Class","Parent" | %{  
      Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"  
    }
    If (Test-Connection $strComputer -Count 2 -Quiet){
      try{
        $adminlist =""
        $computer = [ADSI]("WinNT://" + $strComputer + ",computer")
        $AdminGroup = $computer.psbase.children.find("Administratoren")
        $Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
        foreach ($admin in $Adminmembers) {
          $admin | Select @{N="ComputerName"  ; E={$strComputer}},
                           @{N="Administrators"; E={"$(($_.parent) -replace "WinNT://|.*/")\$($_.Name)"}},
                           Class,
                           @{N="Parent"        ; E={ $_.parent -replace '.*//.*/.*', 'local' -replace '.*//'  }}
        }
      }
      catch
        { "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent }
    }
    Else {
      "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent
    }
  }
}

Get-Content "C:\Powershell\Servers.txt" |
  get-localusers | Select ComputerName,Administrators,Class,Parent |
  Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI 

Open in new window

Author

Commented:
Hi Qlemo

I don't mind using another script if you have one that does the same task ...

I ran yours and the output was not correct, see below.. I ran the original and it did output ..
error
IT Infrastructure Architect
Commented:
Try replacing line 17 with
$admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,Parent

Open in new window

function get-localusers {
 param(
 [Parameter(Mandatory=$true,valuefrompipeline=$true)]
 [string]$strComputer
 )
 
 $Select = "Name","Class","Parent" | %{  
 Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"
 }
 
 If (Test-Connection $strComputer -Count 2 -Quiet){
  try{
  $computer = [ADSI]("WinNT://" + $strComputer + ",computer")
  $AdminGroup = $computer.psbase.children.find("Administrators")
  $Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
    foreach ($admin in $Adminmembers) {
    $admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,Parent
    }
 }catch{ 
 "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent
 }
 }
Else {
 "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent
 }
}
Get-Content "C:\Powershell\Servers.txt" | get-localusers | Select ComputerName,Administrators,Class,Parent | Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI

Open in new window

CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Author

Commented:
Thanks Subsun .. That worked .. any way to also modify column D so its like below ? Local objects only show the server name and domain objects show the server name .
I can open a new questions if needed.


NewOutput
Subash SundharanIT Infrastructure Architect

Commented:
No need to open a new question as this was part of the original request. I actually missed it..

Replace line 17 with following code..
$admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,@{N="Parent";E={($_.parent -SPLIT "/")[-1]}}

Open in new window

Qlemo"Batchelor", Developer and EE Topic Advisor
Top Expert 2015

Commented:
Strange, the script posted by me works fine on my system, with both a non-domain and a domain machine. "Access Denied" is the default "reply" of that script if some error occured inside the loop. To find out what happens (if interested), execute
$error.Clear()
# run the script #
$error

Open in new window

You've changed how "Parent" should be displayed: "can the parent column show the word Local for local accounts" was the original request (and what my script should do). DIsplaying the machine name here is ok, it depends on what you want to do later with the results.
Subash SundharanIT Infrastructure Architect

Commented:
I have not tested the code from ID: 40284436.. But there is a Typo in line 14,  Administratoren instead of Administrators, which probably caused the error,
Qlemo"Batchelor", Developer and EE Topic Advisor
Top Expert 2015

Commented:
Thanks, Subsun, and that is the reason! I forgot to re-replace the group name. It is no typo, just how that works with non-english OS (stupid thing to do by Microsoft, really).

Author

Commented:
Thank you both ! always awesome help here .. wow

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial