locked
Retrieving list of local Administrators members for all computers on domain RRS feed

  • Question

  • Found that our IT support group has been inappropriately allowing some users as administrators on their local machines. So now I need to audit all 60+ computers to ensure that I get all users except domain admin back out of the local Administrators groups.

    I have found a number of scripts that allow me to retrieve them one at a time, such as the Get-Remote_LocalAdmin.ps1 file here: https://gallery.technet.microsoft.com/scriptcenter/Get-remote-machine-members-bc5faa57. But I have maybe 60+ machines to do.

    So what need to do is this:

    1. Identify all computers on the domain. No need to exclude servers, but showing computer OS for each in step #3 would be a plus.

    2. Pipe that output to the portion of the script that retrieves the local Administrators group membership list for the computer.

    3. Ideally, send it all out to a .csv file for easy perusal and especially sorting by user.

    I understand I could also just pipe the output to a text file, but those can be rather arcane reading. CSV is just much simpler to read. And with the once- or twice-per-year that I need to use PowerShell, I can never seem to spend enough time with PowerShell to get my skills & memory up to the point that I can point anything like this together on my own.

    So any help is much appreciated.

    Friday, March 1, 2019 3:29 PM

Answers