• Status: Solved
  • Priority: Medium
  • Security: Public

What is the best way to export the remote desktop Administrators member list?

Hi,

What I'd like to do is export the remote desktop Administrators member list. I've experimented with Get-ADGroup and Get-ADGroupMember, but those commands only direct the requests to Active Directory. I've tried using Invoke-Command but found we need to enable the Windows Remote Management service on the Windows 7 desktops. GPO is the easiest way to enable WinRM, but is there an alternative to PowerShell Remoting, or is Invoke-Command the best command?

Thank you.

****************************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

Get-ADComputer -Filter '*' -SearchBase "OU=Computers,DC=company,DC=com" -Properties Name | % {
  $PC = $_.Name

  if (Test-Connection $PC -Count 1 -TimeToLive 5 -Quiet)
  {
    # WQL filter: select the account named Administrator on the remote machine
    Get-WmiObject Win32_UserAccount -ComputerName $PC -Filter "Name='Administrator'" | % {
      New-Object PsObject -Property @{
                 "User Name"             = $_.Name
                 "Full Name"             = $_.FullName
                 "Logon Account Caption" = $_.Caption
                 "Disabled"              = $_.Disabled
                 "Status"                = $_.Status
                 "LockOut"               = $_.LockOut
                 "Password Changeable"   = $_.PasswordChangeable
                 "Password Expires"      = $_.PasswordExpires
                 "Password Required"     = $_.PasswordRequired
                 "Domain"                = $_.Domain
                 "Description"           = $_.Description
      } | Export-csv c:\Scripts\DesktopUserDetail.csv -Append -NoTypeInformation
    }
  }  
}
0
CuriousMAUser
Asked:
1 Solution
 
RobSampson Commented:
Hi, I have used this to extract the members of that group using WMI:
$ComputerName = "RemotePCName"
$GroupName = "Remote Desktop Users"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 

# Parse out the username from each result and append it to the array. 
If ($objWMI -ne $Null) 
{
    ForEach ($objItem In $objWMI) 
    { 
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    } 
} 
Write-Output $arrUsers



Regards,

Rob.
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

I'd like to apply this script to a desktop collection but this entry doesn't work;

$ComputerName = "(Get-Content C:\Scripts\sample.txt)"

Any thoughts?
Thank you.
0
 
CuriousMAUser (Author) Commented:
I tried $ComputerName = "Get-Content -filepath C:\Scripts\sample.txt" in the variable section but no better luck ...
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

I fixed the Get-Content syntax but now I see a WMI error with the Get-WMIObject entry. Any thoughts? Where to look? Thank you for your time.

*********************************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = "Get-Content -path c:\scripts\sample.txt"
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Write-Output $arrUsers
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

I no longer receive the prior errors but I'd like to output the desktop machines Administrator membership list to a csv file. Any thoughts?

Thank you.
**************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = Get-Content c:\scripts\sample.txt
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Export-csv test.csv -append -NoTypeInformation
0
 
CuriousMAUser (Author) Commented:
Administrator(s) membership list
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

Down below is the final script. After I logon as an Admin account I now receive the error message: RPC unavailable ... Thanks.

Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = Get-Content c:\scripts\sample.txt
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Write-Output $arrusers | Export-csv test.csv -append -NoTypeInformation
0
 
RobSampson Commented:
Hi, I had to play with this for a few hours, because I'm reasonably green to PowerShell, but I finally got it.

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"

Get-Content c:\Temp\scripts\sample.txt |
ForEach {
    $ComputerName = $_
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation



I was getting an error that said "Export-csv : Cannot append CSV content to the following file: test.csv. The appended object does not have a property that corresponds to the following column:
6805126  (U). To proceed with mismatched properties, add the -Force switch and retry."

This error was simply due to the fact that a Test.CSV already existed, with different columns that didn't match what we were outputting, so it couldn't append.

Regards,

Rob.
0
 
RobSampson Commented:
A marginally shorter version, including an "OFFLINE" notification.

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"

Get-Content c:\Temp\scripts\sample.txt |
ForEach {
    $ComputerName = $_
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $AllGroups += New-Object PsObject -Property @{
                    ComputerName="$ComputerName"
                    Member="$DomainName\$UserName"
                }
            }
        }
    }
    Else
    {
        $AllGroups += New-Object PsObject -Property @{
            ComputerName="$ComputerName"
            Member="<Offline>"
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation



EDIT: It is only two lines shorter, but with the addition of the "OFFLINE" part, it's actually longer
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

Thank you for your diligence. With the newest changes the CSV output contains the desktop names and the adjacent column with <Offline> in each cell. Unfortunately, not true.

In the prior script I found the CSV file called test.csv empty.

Thank you,
Tom
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

Your script below works beautifully for one system. My goal is to run a script against a collection of systems and determine the remote Administrators group membership. I'm working to create a GPO to push the Windows Remote Management (WRM) settings to the same systems.

http://www.grouppolicy.biz/2014/05/enable-winrm-via-group-policy/

Thank you,
Tom

=======================================================================
#
# NAME: GetDesktopGroupMembers.ps1
#
# Modified: Company Inc IT Staff
# Date: 04-Mar-2015
# Version: PowerShell 4.0
# Client OS: Windows 7
# Server OS: Windows 2008 R2
#
# Description:
# Retrieve Desktop Computer Detail
#
# Assumes the presence of Microsoft's ActiveDirectory PowerShell module
# Requires Administrator permissions to execute the script
# ===================================================================================================================
Set-StrictMode -Version Latest
Set-ExecutionPolicy remotesigned -Force
import-module activedirectory

$ComputerName = "DEV-WIN7x64"
$GroupName = "Administrators"
$arrUsers = @()
$objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""

# Parse out the username from each result and append it to the array.
If ($objWMI -ne $Null)
{
    ForEach ($objItem In $objWMI)
    {
        $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
        $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
        $arrUsers += "$DomainName\$UserName"
    }
}
Write-Output $arrusers
0
 
RobSampson Commented:
The scripts I posted in my last two comments require that C:\Temp\Scripts\sample.txt contains one computer name per line. For the second code, it should either contain the group members, or the word OFFLINE if each machine cannot be contacted. It should not produce empty output. Does your input file have computer names in it?

Rob.
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

I've activated a GPO to apply the WinRM network service on remote desktops. I'll connect to a subset of machines tomorrow, run winrm quickconfig -q to enable the WinRM listener, and test the script again.

Thank you,
Tom
0
 
CuriousMAUser (Author) Commented:
Hi Rob,

We're so close. The script below exports the local system Administrators group membership successfully. What do I need to change to have the script loop through the file, sample.txt? Currently the script doesn't append the file, test.csv, with members listed inside sample.txt file.

Thank you,
T

Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"
$ComputerName = $env:computername

Get-Content c:\scripts\sample.txt |
ForEach {
       If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation


0
 
CuriousMAUser (Author) Commented:
Hi Rob,

I got it! Finally it worked. Thank you, thank you, thank you! T

********************************************************************
Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"
$a = Get-Content -path c:\scripts\sample.txt

ForEach ($ComputerName in $a)
{
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Group="$GroupName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation


0
 
CuriousMAUser (Author) Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for CuriousMAUser's comment #a40649805

for the following reason:

Thank you.
0
 
RobSampson Commented:
Hi, I'm not sure why you want this to be executed via a GPO, but then you have it read an input text file.  Wouldn't that suggest you can just run it from an Admin workstation with the input file?

At any rate, I think you are just missing one closing bracket at the end of the code
Set-StrictMode -Version Latest
Set-ExecutionPolicy RemoteSigned -Force
#Import-Module ActiveDirectory

$GroupName = "Administrators"
$AllGroups = @()
$OutputFile = "test.csv"
$a = Get-Content c:\Temp\Scripts\sample.txt

ForEach ($ComputerName in $a) {
    If (Test-Connection -ComputerName $ComputerName -Count 1 -Quiet) {
        # Run the query directly; wrapping it in { } would store a script block instead of the results
        $objWMI = Get-WmiObject -ComputerName $ComputerName -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`""
        # Parse out the username from each result and append it to the array. 
        If ($objWMI -ne $Null) {
            ForEach ($objItem In $objWMI) {
                $DomainName = $objItem.PartComponent.Split(",")[0].SubString($objItem.PartComponent.Split(",")[0].IndexOf("`"")).Replace("`"", "")
                $UserName = $objItem.PartComponent.Split(",")[1].Replace("Name=", "").Replace("`"", "")
                $arrUsers = [Ordered]@{
                    ComputerName="$ComputerName"
                    Group="$GroupName"
                    Member="$DomainName\$UserName"
                }
                $objUsers = New-Object PsObject -Property $arrUsers
                $AllGroups += $objUsers
            }
        }
    }
}
$AllGroups | Export-csv $OutputFile -append -NoTypeInformation



P.S. Am I able to receive some credit for assisting you with the solution?

Regards,

Rob.
0
 
CuriousMAUser (Author) Commented:
Absolutely. Thank you very much! What I use the GPO for is to enable the Windows Remote Management network service. The code you wrote will run from a workstation with Admin rights to the remote desktops. Thank you, again. Tom
0
 
RobSampson Commented:
Hi.  Thanks for the grade.  For WMI calls using the Get-WMIObject cmdlet, Windows PowerShell Remoting (the WinRM service) is not used.  It will use DCOM instead, the same way that VBScript (or other legacy WMI calls) does.  The new alternative, Get-CIMInstance, will use WinRM by default, but can also fall back to DCOM if WinRM is not available.

Regards,

Rob.
0
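
Added example, not code from the thread: a local Administrators inventory built on Get-CimInstance that tries a WinRM session first and then an explicit DCOM session, and reports unreachable hosts with the error instead of dropping them. The function name Get-LocalAdminMember, the placeholder host PC-EXAMPLE-01 and the output file name are assumptions; the group is looked up by the well-known SID S-1-5-32-544 rather than by name.

```powershell
# Added example. Get-LocalAdminMember, PC-EXAMPLE-01 and local-admins.csv are assumed names.
function Get-LocalAdminMember {
    param([Parameter(Mandatory = $true)][string[]]$ComputerName)

    foreach ($computer in $ComputerName) {
        $session = $null; $transport = 'None'; $lastError = $null

        # Try WinRM (WSMan) first, then DCOM, so hosts without a WinRM listener are still covered.
        foreach ($protocol in 'Wsman', 'Dcom') {
            try {
                $option  = New-CimSessionOption -Protocol $protocol
                $session = New-CimSession -ComputerName $computer -SessionOption $option `
                               -OperationTimeoutSec 15 -ErrorAction Stop
                $transport = $protocol
                break
            } catch {
                $lastError = $_.Exception.Message
            }
        }

        if (-not $session) {
            # Keep unreachable hosts in the report: a missing row would hide an audit gap.
            [pscustomobject]@{ ComputerName = $computer; Transport = $transport; Group = $null
                               Member = $null; Status = "Unreachable: $lastError" }
            continue
        }

        try {
            # S-1-5-32-544 is the well-known SID of the built-in Administrators group,
            # so the lookup does not depend on the group's (localized) name.
            $group = Get-CimInstance -CimSession $session -ClassName Win32_Group `
                         -Filter "LocalAccount=True AND SID='S-1-5-32-544'" -ErrorAction Stop
            # Use the Domain value the host reports, not the name typed into the host list.
            $path  = "Win32_Group.Domain='$($group.Domain)',Name='$($group.Name)'"
            $links = Get-CimInstance -CimSession $session -ErrorAction Stop `
                         -Query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"$path`""

            foreach ($link in $links) {
                # PartComponent is a CIM reference whose key properties are already parsed.
                [pscustomobject]@{
                    ComputerName = $computer
                    Transport    = $transport
                    Group        = $group.Name
                    Member       = '{0}\{1}' -f $link.PartComponent.Domain, $link.PartComponent.Name
                    Status       = 'OK'
                }
            }
        } catch {
            [pscustomobject]@{ ComputerName = $computer; Transport = $transport; Group = $null
                               Member = $null; Status = "Query failed: $($_.Exception.Message)" }
        } finally {
            Remove-CimSession -CimSession $session
        }
    }
}

# Constructed host list: the local machine plus a placeholder name that should not resolve.
$targets = @($env:COMPUTERNAME, 'PC-EXAMPLE-01')
Get-LocalAdminMember -ComputerName $targets |
    Export-Csv -Path .\local-admins.csv -NoTypeInformation
```

Writing the CSV without -Append replaces any earlier file, which avoids the column-mismatch error quoted earlier in the thread.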
 
CuriousMAUser (Author) Commented:
Perfect. Still sorting through the best way to accomplish the goal. Thank you again for your patience.
0
Question has a verified solution.
