What is the best way to export the remote desktop Administrators member list?

Hi,

What I'd like to do is to export the remote desktop Administrators member list. I've experimented with the Get-ADGroup and Get-ADGroupMember but those commands only direct the requests to Active Directory. I've tried using the Invoke-Command but found we need to enable the Windows Remote Management service on the Windows 7 desktops. GPO is the easiest way to enable WinRM but is there an alternative to PowerShell Remoting or is the Invoke-Command the best command?

Thank you.

****************************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

Get-ADComputer -Filter '*' -SearchBase "OU=Computers,DC=company,DC=com" -Properties Name | % {
  $PC = $_.Name

  if (Test-Connection $PC -Count 1 -TimeToLive 5 -Quiet)
  {
    # The WQL filter needs a property name and balanced quotes
    Get-WmiObject Win32_UserAccount -ComputerName $PC -Filter "Name='Administrator'" | % {
      New-Object PsObject -Property @{
                 "User Name"             = $_.Name
                 "Full Name"             = $_.FullName
                 "Logon Account Caption" = $_.Caption
                 "Disabled"              = $_.Disabled
                 "Status"                = $_.Status
                 "LockOut"               = $_.LockOut
                 "Password Changeable"   = $_.PasswordChangeable
                 "Password Expires"      = $_.PasswordExpires
                 "Password Required"     = $_.PasswordRequired
                 "Domain"                = $_.Domain
                 "Description"           = $_.Description
      } | Export-csv c:\Scripts\DesktopUserDetail.csv -Append -NoTypeInformation
    }
  }  
}
CuriousMAUserAsked:

RobSampsonCommented:
Hi, I have used this to extract the members of that group using WMI:
$ComputerName = "RemotePCName"
$GroupName = "Remote Desktop Users"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 

# Parse out the username from each result and append it to the array. 
If ($objWMI -ne $Null) 
{
    ForEach ($objItem In $objWMI) 
    { 
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    } 
} 
Write-Output $arrUsers


Regards,

Rob.
0
CuriousMAUserAuthor Commented:
Hi Rob,

I'd like to apply this script to a desktop collection but this entry doesn't work;

$ComputerName = "(Get-Content C:\Scripts\sample.txt)"

Any thoughts?
Thank you.
0
CuriousMAUserAuthor Commented:
I tried $ComputerName = "Get-Content -filepath C:\Scripts\sample.txt" in the variable section but no better luck ...
0
CuriousMAUserAuthor Commented:
Hi Rob,

I fixed the Get-Content syntax but now I see a WMI error with the Get-WMIObject entry. Any thoughts? Where to look? Thank you for your time.

*********************************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = "Get-Content -path c:\scripts\sample.txt"
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Write-Output $arrUsers
0
CuriousMAUserAuthor Commented:
Hi Rob,

I no longer receive the prior errors but I'd like to output the desktop machines Administrator membership list to a csv file. Any thoughts?

Thank you.
**************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = Get-Content c:\scripts\sample.txt
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Export-csv test.csv -append -NoTypeInformation
0
CuriousMAUserAuthor Commented:
Administrator(s) membership list
0
CuriousMAUserAuthor Commented:
Hi Rob,

Down below is the final script. After I logon as an Admin account I now receive the error message: RPC unavailable ... Thanks.

Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = Get-Content c:\scripts\sample.txt
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Write-Output $arrusers | Export-csv test.csv -append -NoTypeInformation
0
RobSampsonCommented:
Hi, I had to play with this for a few hours, because I'm reasonably green to Powershell, but I finally got it.

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"

Get-Content c:\Temp\scripts\sample.txt |
ForEach {
    $ComputerName = $_
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation


I was getting an error that said "Export-csv : Cannot append CSV content to the following file: test.csv. The appended object does not have a property that corresponds to the following column:
6805126  (U). To proceed with mismatched properties, add the -Force switch and retry."

This error was simply due to the fact that a Test.CSV already existed, with different columns that didn't match what we were outputting, so it couldn't append.

Regards,

Rob.
0
RobSampsonCommented:
A marginally shorter version, including an "OFFLINE" notification.

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"

Get-Content c:\Temp\scripts\sample.txt |
ForEach {
    $ComputerName = $_
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $AllGroups += New-Object PsObject -Property @{
                    ComputerName="$ComputerName"
                    Member="$DomainName\$UserName"
                }
            }
        }
    }
    Else
    {
        $AllGroups += New-Object PsObject -Property @{
            ComputerName="$ComputerName"
            Member="<Offline>"
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation


EDIT: It is only two lines shorter, but with the addition of the "OFFLINE" part, it's actually longer
0
CuriousMAUserAuthor Commented:
Hi Rob,

Thank you for your diligence. With the newest changes the CSV output contains the desktop names and the adjacent column with <Offline> in each cell. Unfortunately, not true.

In the prior script I found the CSV file called test.csv empty.

Thank you,
Tom
0
CuriousMAUserAuthor Commented:
Hi Rob,

Your script below works beautifully for one system. My goal is to run a script against a collection of systems and determine the remote Administrators group membership. I'm working to create a GPO to push the Windows Remote Management (WRM) settings to the same systems.

http://www.grouppolicy.biz/2014/05/enable-winrm-via-group-policy/

Thank you,
Tom

# ===================================================================================================================
#
# NAME: GetDesktopGroupMembers.ps1
#
# Modified: Company Inc IT Staff
# Date: 04-Mar-2015
# Version: PowerShell 4.0
# Client OS: Windows 7
# Server OS: Windows 2008 R2
#
# Description:
# Retrieve Desktop Computer Detail
#
# Assumes the presence of Microsoft's ActiveDirectory PowerShell module
# Requires Administrator permissions to execute the script
# ===================================================================================================================
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = "DEV-WIN7x64"
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Write-Output $arrusers
0
RobSampsonCommented:
The scripts I posted in my last two comments require that C:\Temp\Scripts\sample.txt contains one computer name per line. For the second code, it should either contain the group members, or the word OFFLINE if each machine cannot be contacted. It should not produce empty output. Does your input file have computer names in it?

Rob.
0
CuriousMAUserAuthor Commented:
Hi Rob,

I've activated a GPO to apply the WinRM network service on remote desktops. I'll connect to a subset of machines tomorrow, run winrm quickconfig -q, to enable the WinRM listener and test the script again.

Thank you,
Tom
0
CuriousMAUserAuthor Commented:
Hi Rob,

We're so close. The script below exports the local system Administrators group membership successfully. What do I need to change to have the script loop through the file, sample.txt? Currently the script doesn't append the file, test.csv, with members listed inside sample.txt file.

Thank you,
T

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"
$ComputerName = $env:computername

Get-Content c:\scripts\sample.txt |
ForEach {
       If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation

0
CuriousMAUserAuthor Commented:
Hi Rob,

I got it! Finally it worked. Thank you, thank you, thank you! T

********************************************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"
$a = Get-Content -path c:\scripts\sample.txt

ForEach ($ComputerName in $a)
{
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Group="$GroupName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation

0
CuriousMAUserAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for CuriousMAUser's comment #a40649805

for the following reason:

Thank you.
0
RobSampsonCommented:
Hi, I'm not sure why you want this to be executed via a GPO, but then you have it read an input text file.  Wouldn't that suggest you can just run it from an Admin workstation with the input file?

At any rate, I think you are just missing one closing bracket at the end of the code:

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
#Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"
$a = Get-Content c:\Temp\Scripts\sample.txt

ForEach ($ComputerName in $a) {
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        # Run the query directly; wrapping it in { } would store a script block instead of the results
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Group="$GroupName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation


P.S. Am I able to receive some credit for assisting you with the solution?

Regards,

Rob.
0

CuriousMAUserAuthor Commented:
Absolutely. Thank you very much! What I use the GPO for is to enable the Windows Remote Management network service. The code you wrote will run from a workstation with Admin rights to the remote desktops. Thank you, again. Tom
0
RobSampsonCommented:
Hi.  Thanks for the grade.  For WMI calls using the Get-WMIObject cmdlet, Windows Powershell Remoting (the WinRM service) is not used.  It will use DCOM instead, the same way that VBScript (or other legacy WMI calls) does.  The new alternative, Get-CIMInstance, will use WinRM by default, but can also fall back to DCOM if WinRM is not available.

Regards,

Rob.
0
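The transport difference described in the comment above, as an added example that is not part of the original thread: the same local Administrators audit written with the CIM cmdlets (PowerShell 3.0 or later on the admin workstation), choosing WinRM when its listener answers and DCOM otherwise. The function name Get-LocalAdminMember and both file paths are assumptions; it also goes beyond the thread by locating the group through its well-known SID rather than its name.

```powershell
# Added example; the file paths below are assumptions, not from the thread.
$InputFile  = 'C:\Scripts\sample.txt'       # one computer name per line
$OutputFile = 'C:\Scripts\LocalAdmins.csv'

function Get-LocalAdminMember {
    param([Parameter(Mandatory = $true)][string]$ComputerName)

    # Use WinRM (WS-Man) when its listener answers, otherwise DCOM,
    # the transport Get-WmiObject uses.
    $protocol = 'Dcom'
    if (Test-WSMan -ComputerName $ComputerName -ErrorAction SilentlyContinue) {
        $protocol = 'Wsman'
    }

    $session = $null
    try {
        $option  = New-CimSessionOption -Protocol $protocol
        $session = New-CimSession -ComputerName $ComputerName -SessionOption $option `
                       -OperationTimeoutSec 30 -ErrorAction Stop

        # Find the group by its well-known SID (S-1-5-32-544) so a renamed or
        # localized Administrators group is still audited.
        $group = Get-CimInstance -CimSession $session -ClassName Win32_Group `
                     -Filter "LocalAccount=True AND SID='S-1-5-32-544'" -ErrorAction Stop
        if (-not $group) { throw 'Builtin Administrators group not found' }

        $query = 'SELECT * FROM Win32_GroupUser WHERE GroupComponent=' +
                 "`"Win32_Group.Domain='$($group.Domain)',Name='$($group.Name)'`""

        # With the CIM cmdlets PartComponent is an object reference, so the
        # Domain and Name keys are read directly instead of splitting a string.
        Get-CimInstance -CimSession $session -Query $query -ErrorAction Stop |
            ForEach-Object {
                [pscustomobject]@{
                    ComputerName = $ComputerName
                    Group        = $group.Name
                    Member       = '{0}\{1}' -f $_.PartComponent.Domain, $_.PartComponent.Name
                    MemberClass  = $_.PartComponent.CimSystemProperties.ClassName
                    Status       = "OK ($protocol)"
                }
            }
    }
    catch {
        # Record the failure so an unreachable machine is visible in the audit.
        [pscustomobject]@{
            ComputerName = $ComputerName; Group = $null; Member = $null
            MemberClass  = $null; Status = "ERROR: $($_.Exception.Message)"
        }
    }
    finally {
        if ($session) { Remove-CimSession -CimSession $session }
    }
}

# Every row has the same columns and the file is written once, so the
# Export-Csv -Append column mismatch described earlier cannot occur.
Get-Content -Path $InputFile |
    Where-Object { $_.Trim() } |
    ForEach-Object { Get-LocalAdminMember -ComputerName $_.Trim() } |
    Export-Csv -Path $OutputFile -NoTypeInformation
```

The Status column records which transport answered for each machine, so hosts that still depend on DCOM are visible in the same report.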
CuriousMAUserAuthor Commented:
Perfect. Still sorting through the best way to accomplish the goal. Thank you again for your patience.
0