none
Get all members of local admin group for list of servers

    Question

  • I am trying to write a script to list all the members of the local Administrators group on a list of servers.  I can get the data back but am unable to find a way to format the data output as usable for my audit.

     

    here is what I got so far:

     

    $servers= get-content 'c:\input\test.txt'

    $output = 'c:\output\test.csv'

    foreach($server in $servers)

      {

     

            $group =[ADSI]"WinNT://$server/Administrators" 

            $members = @($group.psbase.Invoke("Members"))

            $results = $members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } 

     

        }

     

    $results >> $output

    What I really need though is a way to add the servername in a column next to the users (at least) to be able to know which users belong to the listed server. 

    i.e. I would like to be able to just add:

     $Results += New-Object PSObject -Property $share

    }

    $Results | Export-Csv $Output -NoTypeInformation

    but the script errors with this:

    New-Object : Cannot convert 'System.Object[]' to the type 'System.Collections.Hashtable' required by parameter 'Property'. Specified method is not supported.

    At line:11 char:41

    + $object += New-Object PSObject -Property <<<<  $results

        + CategoryInfo          : InvalidArgument: (:) [New-Object], ParameterBindingException

        + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.PowerShell.Commands.NewObjectCommand

     

     


    Thank you, TJ N. Hansen “He who knows nothing is closer to the truth than he whose mind is filled with falsehoods and errors” Thomas Jefferson
    Wednesday, August 17, 2011 10:01 PM

Answers

  • Or if you would like each member separated out, you can do it like this.  It allows you to sort by user in the CSV and see which machines they are an admin on.

     

    $servers= get-content 'c:\input\test.txt'
    $output = 'c:\output\test.csv' 
    $results = @()
    
    foreach($server in $servers)
    {
    $admins = @()
    $group =[ADSI]"WinNT://$server/Administrators" $members = @($group.psbase.Invoke("Members")) $members | foreach { $obj = new-object psobject -Property @{ Server = $Server Admin = $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } $admins += $obj } $results += $admins } $results| Export-csv $Output -NoTypeInformation


     


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer".

    Rich Prescott | MCITP, MCTS, MCP

    Blog | Twitter: @Arposh | Powershell Client System Administration tool
    Wednesday, August 17, 2011 10:44 PM

All replies

  • Separate char ";" - User1;User3

     

    $servers= get-content 'c:\input\test.txt'
    $output = 'c:\output\test.csv'
    
    $results = @()
    
    foreach($server in $servers)
    {
     $group =[ADSI]"WinNT://$server/Administrators" 
     $members = $group.Members() | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } 
     $results += New-Object PsObject -Property @{
      Server = $server
      Members = $members -join ";"
      }
    }
    
    $results | Export-Csv $Output -NoTypeInformation
    



    Wednesday, August 17, 2011 10:12 PM
  • Or if you would like each member separated out, you can do it like this.  It allows you to sort by user in the CSV and see which machines they are an admin on.

     

    $servers= get-content 'c:\input\test.txt'
    $output = 'c:\output\test.csv' 
    $results = @()
    
    foreach($server in $servers)
    {
    $admins = @()
    $group =[ADSI]"WinNT://$server/Administrators" $members = @($group.psbase.Invoke("Members")) $members | foreach { $obj = new-object psobject -Property @{ Server = $Server Admin = $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } $admins += $obj } $results += $admins } $results| Export-csv $Output -NoTypeInformation


     


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer".

    Rich Prescott | MCITP, MCTS, MCP

    Blog | Twitter: @Arposh | Powershell Client System Administration tool
    Wednesday, August 17, 2011 10:44 PM
  • I have the following script..take a look.  You can ignore the email part..

    http://portal.sivarajan.com/2011/04/list-local-administrator-group-members.html

    $GFile = New-Item -type file -force "C:\Scripts\SGroupMemberDetails.csv"
    
    Import-CSV "C:\Scripts\Servers.csv" | ForEach-Object {
    $SName = $_.ServerName
    "Server Name -  $SName" | Out-File $GFile -encoding ASCII -append
    $group = [ADSI]("WinNT://$SName/Administrators,group"$GMembers = $group.psbase.invoke("Members")
    $GMembers | ForEach-Object {$_.GetType().InvokeMember("Name",'GetProperty', $null, $_, $null) | Out-File $GFile -encoding ASCII -append
    }
    


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara
    This posting is provided AS IS with no warranties,and confers no rights.
    Thursday, August 18, 2011 2:07 AM
  • Arposh,

     

    i like your solution but the output is having an error and rewriting the servers group membership to the csv with every iteration of the script i.e. 

     

    testserver1 Admin

    testserver1 Admin

    testserver2 Admin

    testserver1 Admin

    testserver2 Admin

    testserver3 Admin

    testserver1 Admin

    testserver2 Admin

    testserver3 Admin

    testserver4 Admin

    and so on...

     

    Any way to fix this in the script?  It looks like the dual $admins = @() and $results = @() is causing the object to input the data this way?


    Thank you, TJ N. Hansen “He who knows nothing is closer to the truth than he whose mind is filled with falsehoods and errors” Thomas Jefferson
    Thursday, August 18, 2011 4:21 PM
  • I updated the code to fix that issue.  $admins = @() was moved to the correct location.

    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer".

    Rich Prescott | MCITP, MCTS, MCP

    Blog | Twitter: @Arposh | Powershell Client System Administration tool
    Thursday, August 18, 2011 5:00 PM
  • Is there a way for the output csv to have a seperator line between the servers that list in the csv?

    Or for just the server names to list once? 


    Thursday, August 18, 2011 8:24 PM
  • Heckter,

    Use Kazun's script to do that.


    If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer".

    Rich Prescott | MCITP, MCTS, MCP

    Blog | Twitter: @Arposh | Powershell Client System Administration tool
    Monday, August 22, 2011 3:31 PM
  • I'll use that, thank you all :)
    Monday, August 22, 2011 4:13 PM
  • Rich

    I get the error below when I run my script. All I did was edit it to point to my folder locations and to my list of servers.  Any ideas?

    At line:16 char:15
    + {$admins = @()$group =[ADSI]"WinNT://$server/Administrators"
    +               ~~~~~~
    Unexpected token '$group' in expression or statement.
        + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
        + FullyQualifiedErrorId : UnexpectedToken
     

    Wednesday, August 28, 2013 4:30 PM
  • There's supposed to be a line break between "$admins = @()" and "$group = ...".  You've somehow put both statements on the same line, which won't work (unless they're separated by a semicolon, but that's generally bad coding practice).
    Wednesday, August 28, 2013 4:46 PM
  • you saved my whole day... great work.
    Wednesday, March 05, 2014 10:30 AM