Need Help with existing powershell script

Greeting Experts,
I need some help with existing PowerShell script designed to poll Active Directory and get a list of Users and Groups located in the LocalAdminGroup for each server. The Script its self-works with no problem but I need to change the formatting on the output file…..  Instead of putting all of the users/OU Groups to one row I would like to put each users & OU Group to each rule (i.e. one user or ou  to row). I have put an example of the exiting format and new format I am looking for…. Is there somebody out there that can help me with this…    

exmaple 1      Existing formate
PCName1      User1, User2, OU1, OU2
PCName2      User1, User2, OU1, OU3
PCName3      User1, User2, OU1, OU4
PCName4      User1, User2, OU1, OU5
PCName5      User1, User2, OU1, OU6


example 2       New formate
PCName1      User1
PCName1      User2
PCName1      OU1
PCName1      OU2
PCName2      User1
PCName2      User2
PCName2      OU1
PCName2      OU3
PCName3      User1
PCName3      User2
PCName3      OU1
PCName3      OU4






function 

get-localusers { 
        param( 
    [Parameter(Mandatory=$true,valuefrompipeline=$true)] 
    [string]$strComputer) 
    begin {} 
    Process { 
        $adminlist ="" 
        $computer = [ADSI]("WinNT://" + $strComputer + ",computer") 
        $AdminGroup = $computer.psbase.children.find("Administrators") 
        $Adminmembers= $AdminGroup.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}         
        foreach ($admin in $Adminmembers) { $adminlist = $adminlist + $admin + "," }          
        $Computer = New-Object psobject 
        $computer | Add-Member noteproperty ComputerName $strComputer 
        $computer | Add-Member noteproperty Administrators $adminlist   
        Write-Output $computer        
         } 
end {} 
} 
 
Get-QADComputer -OSName "*Windows*Server*" | ForEach-Object {$_.Name}| get-localusers | Export-Csv "C:\LocalAdminGroups_$((get-date).toString('MM-dd-yyyy'))v2.csv"

Open in new window

MikeSecurityAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Raheman M. AbdulSenior Infrastructure Support Analyst & Systems DeveloperCommented:
Try this:
function get-localusers { 
        param( 
    [Parameter(Mandatory=$true,valuefrompipeline=$true)] 
    [string]$strComputer) 
    begin {} 
    Process { 
        $computer = [ADSI]("WinNT://" + $strComputer + ",computer") 
        $AdminGroup = $computer.psbase.children.find("Administrators") 
        $Adminmembers= $AdminGroup.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}         
        foreach ($admin in $Adminmembers)           
        {
        $Computer = New-Object psobject 
        $computer | Add-Member noteproperty ComputerName $strComputer 
        $computer | Add-Member noteproperty Administrators $admin   
        Write-Output $computer        
        }
         } 
end {} 
} 
 
Get-QADComputer -OSName "*Windows*Server*" | ForEach-Object {$_.Name}| get-localusers | Export-Csv "C:\LocalAdminGroups_$((get-date).toString('MM-dd-yyyy'))v2.csv"
                                  

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MikeSecurityAuthor Commented:
The script works perfect thanks,  One other quick question.... I have this script to scan for Servers but would like for it look at workstations as well... Is it possible to do this with the existing script....
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
The last line determines what to process. Just remove the parameter of Get-QADComputer to get up to 1000 machines. Line 21 then looks like:
Get-QADComputer | ForEach-Object {$_.Name}| get-localusers | Export-Csv "C:\LocalAdminGroups_$((get-date).toString('MM-dd-yyyy'))v2.csv"

Open in new window

0
Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

MikeSecurityAuthor Commented:
the suggestion works... but I am looking to scan the entire AD enterprise domain...... Is there a way to update the script for all Devices.... not just the top 1000
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
You know that is a really, really hefty thing to do? Querying a huge amount of machines for local admin account members? You can do that by adding -SizeLimit 0 to Get-QADComputer, but it will take ages to complete. It's really not recommended to do it that way, which needs to connect to each PC found, one by one. And what about those machines not reachable while you run the script?

The usual way to cope with such a task is to run a startup script per GPO. The script will report the local admin members into one shared (troublesome) or per-machine files.
0
MikeSecurityAuthor Commented:
Ok... I can understand your point.... I will use your idea....
0
MikeSecurityAuthor Commented:
The Idea worked perfect that you both for your help this problem......  :)
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Don't you think that point split is unbalanced somewhat? Raheman Mohammed Abdul's modification was a small one, and the add-on questions were all answered by me with something needing more knowledge and experience ...
0
MikeSecurityAuthor Commented:
Qlemo - you are right and I do apologize... I have requested the Moderators split up the points 50/50 to make it more balanced..... :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.