Enumerate All Admins Remotely | Getting "Group" or "User" Attribute RRS feed

  • Question

  • Hello, I used to use another means of extracting the administrator group from remote machines; however, PowerShell 5.0 messed that up... anyways I came across another script; however, it wasn't quite what I wanted, so I made some changes to it and I ALMOST have it the way I would like it. Any help would be appreciated. As you can tell it get's all servers in AD, for each server - get the enumerate the admin group. Here is a picture of the current output - followed by the code:


    $adservers = get-adcomputer -filter {operatingsystem -like "*server*"} | where {$_.enabled -eq $true} | sort name |Select-Object -ExpandProperty Name  | Set-Content 'C:\temp\servers.txt' -Force 
    function get-localusers { 
        begin {} 
        Process { 
            $adminlist ="" 
            $computer = [ADSI]("WinNT://" + $strComputer + ",computer") 
            $AdminGroup = $computer.psbase.children.find("Administrators") 
            $Adminmembers= $AdminGroup.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)} 
            foreach ($admin in $Adminmembers) { $adminlist = $computer + "," + $admin + ","  
            $Computer = New-Object psobject 
            $computer | Add-Member noteproperty ComputerName $strComputer 
            $computer | Add-Member noteproperty Administrators $admin
            $computer | Add-Member noteproperty GroupType "THIS IS WHERE THE VARIABLE OF 'GROUP' OR 'USER' WOULD GO."
           Write-Output $computer
    end {} 
    Get-Content c:\temp\servers.txt | get-localusers ######## TO BE USED WHEN THE SCRIPT IS FULLY FUNCTIONAL| Export-Csv c:\temp\localusers3.csv #########

    Any help would be appreciated - thanks!

    Monday, August 6, 2018 5:54 PM

All replies

  • After my first quick glance, I see $Computer is used 3 times. First it is an ADSI object, then as a string appended to more strings, then again as a new object. Maybe the second usage should be $strComputer. The last usage should be a different name.

    Edit: And the Class property of each members object, $admin in your script, will be "user" or "group" (lower case). In brief, similar to:

    $Members= @($LocalGroup.psbase.Invoke("Members")) ForEach ($Member In $Members) {

        $Name = $Member.GetType().InvokeMember("Name", 'GetProperty', $Null, $Member, $Null)

    # Check if this member is a group. If ($Member.GetType().InvokeMember("Class", 'GetProperty', $Null, $Member, $Null) -eq "group")

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Monday, August 6, 2018 6:48 PM
  • This would work better all around:

    function get-localusers { 
            $computer = [ADSI]("WinNT://$ComputerName,computer") 
            $group = $computer.psbase.children.find('Administrators') 
            $members= $group.psbase.invoke('Members') | 
                %{$_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)} 
            foreach ($member in $members) {
                    ComputerName = $ComputerName 
                    Administrator = $member
    GroupName = $group.Name[0] GroupType = $group.groupType[0] } } } } get-adcomputer -filter {operatingsystem -like "*server*" -and Enabled -eq $true}| select -expand name | get-localusers

    The following module will do it all.

    Install-Module LocalUserManagement


    • Edited by jrv Monday, August 6, 2018 7:20 PM
    Monday, August 6, 2018 7:14 PM
  • This isn't correct though, as every single user or group shows up as "4" - which would indicate a group.
    Tuesday, August 7, 2018 2:46 PM
  • A groupType of 4 means a domain local distribution group. But it refers to the group, not any of the members. Does the Class property I referred to work?

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Tuesday, August 7, 2018 3:04 PM