[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 400
  • Last Modified:

Output local administrators from multiple servers - Output file

Hi All

I have the script below that an EEE helped me create but I wanted to see if we can tweak it a bit with the output file .

I attached a sample of the output file , lines 2,4,6 are for local accounts on this server .. can someone help me change the output file so that local accounts do not have the domain information?  local accounts show " MYLAB/ " which is the domain name. The data just seems a bit confusing since these are local accounts so the line should not include the domain name ..  id rather the output does not show the domain name for local accounts .

also , can the parent column show the word Local for local accounts and MYLAB for the domain accounts/groups or does it have to show " WinNT:// " ?

This is the script I am using.
function get-localusers {
        param(
    [Parameter(Mandatory=$true,valuefrompipeline=$true)]
    [string]$strComputer)
    begin {}
    Process {
      $Select = "Name","Class","Parent" | %{  
        Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"  
      }
      If (Test-Connection $strComputer -Count 2 -Quiet){
            try{
        $adminlist =""
        $computer = [ADSI]("WinNT://" + $strComputer + ",computer")
        $AdminGroup = $computer.psbase.children.find("Administrators")
        $Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
              foreach ($admin in $Adminmembers) {
              $admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent) -replace "WinNT://")\$($_.Name)"}},Class,Parent
                  }                              }
            catch
            { "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent}
            }
      Else {


            "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent

        }
     }
end {}
}

Get-Content "C:\Powershell\Servers.txt" | get-localusers | Select ComputerName,Administrators,Class,Parent | Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI 

Open in new window

Output file attached:Output sample
0
MilesLogan
Asked:
MilesLogan
  • 3
  • 3
  • 3
2 Solutions
 
QlemoC++ DeveloperCommented:
Not how I would write it (a lot left to improve), but fulfilling the purpose:
function get-localusers {
param(
  [Parameter(Mandatory=$true,valuefrompipeline=$true)]
  [string]$strComputer
)
  Process {
    $Select = "Name","Class","Parent" | %{  
      Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"  
    }
    If (Test-Connection $strComputer -Count 2 -Quiet){
      try{
        $adminlist =""
        $computer = [ADSI]("WinNT://" + $strComputer + ",computer")
        $AdminGroup = $computer.psbase.children.find("Administratoren")
        $Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
        foreach ($admin in $Adminmembers) {
          $admin | Select @{N="ComputerName"  ; E={$strComputer}},
                           @{N="Administrators"; E={"$(($_.parent) -replace "WinNT://|.*/")\$($_.Name)"}},
                           Class,
                           @{N="Parent"        ; E={ $_.parent -replace '.*//.*/.*', 'local' -replace '.*//'  }}
        }
      }
      catch
        { "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent }
    }
    Else {
      "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent
    }
  }
}

Get-Content "C:\Powershell\Servers.txt" |
  get-localusers | Select ComputerName,Administrators,Class,Parent |
  Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI 

Open in new window

0
 
MilesLoganAuthor Commented:
Hi Qlemo

I don't mind using another script if you have one that does the same task ...

I ran yours and the output was not correct, see below.. I ran the original and it did output ..
error
0
 
SubsunCommented:
Try replacing line 17 with
$admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,Parent

Open in new window

function get-localusers {
 param(
 [Parameter(Mandatory=$true,valuefrompipeline=$true)]
 [string]$strComputer
 )
 
 $Select = "Name","Class","Parent" | %{  
 Invoke-Expression "@{n='$_';e={ `$_.GetType().InvokeMember('$_', 'GetProperty', `$Null, `$_, `$Null) }}"
 }
 
 If (Test-Connection $strComputer -Count 2 -Quiet){
  try{
  $computer = [ADSI]("WinNT://" + $strComputer + ",computer")
  $AdminGroup = $computer.psbase.children.find("Administrators")
  $Adminmembers= $AdminGroup.psbase.invoke("Members") | Select $Select
    foreach ($admin in $Adminmembers) {
    $admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,Parent
    }
 }catch{ 
 "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Access Denied"}},Class,Parent
 }
 }
Else {
 "" | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"Not able to Ping"}},Class,Parent
 }
}
Get-Content "C:\Powershell\Servers.txt" | get-localusers | Select ComputerName,Administrators,Class,Parent | Export-Csv "C:\Powershell\LocalAdm$((get-date).toString('MM-dd-yyyy')).csv" -NTI

Open in new window

0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
MilesLoganAuthor Commented:
Thanks Subsun .. That worked .. any way to also modify column D so its like below ? Local objects only show the server name and domain objects show the server name .
I can open a new questions if needed.


NewOutput
0
 
SubsunCommented:
No need to open a new question as this was part of the original request. I actually missed it..

Replace line 17 with following code..
$admin | Select @{N="ComputerName";E={$strComputer}},@{N="Administrators";E={"$(($_.parent -SPLIT "/")[-1])\$($_.Name)"}},Class,@{N="Parent";E={($_.parent -SPLIT "/")[-1]}}

Open in new window

0
 
QlemoC++ DeveloperCommented:
Strange, the script posted by me works fine on my system, with both a non-domain and a domain machine. "Access Denied" is the default "reply" of that script if some error occured inside the loop. To find out what happens (if interested), execute
$error.Clear()
# run the script #
$error

Open in new window

You've changed how "Parent" should be displayed: "can the parent column show the word Local for local accounts" was the original request (and what my script should do). DIsplaying the machine name here is ok, it depends on what you want to do later with the results.
0
 
SubsunCommented:
I have not tested the code from ID: 40284436.. But there is a Typo in line 14,  Administratoren instead of Administrators, which probably caused the error,
0
 
QlemoC++ DeveloperCommented:
Thanks, Subsun, and that is the reason! I forgot to re-replace the group name. It is no typo, just how that works with non-english OS (stupid thing to do by Microsoft, really).
0
 
MilesLoganAuthor Commented:
Thank you both ! always awesome help here .. wow
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now