list of local users on domain servers

    Question

  • Hi

    I was asked to get the list of all local users on remote servers in a domain. I tried to hire consultants, but they tried with PowerShell and all they are getting is that the server is unreachable, so PowerShell is definitely not the way to output this list.

    Do you know any tool that will be able to scan all the servers in a domain and output the list of local users that exist? It is for audit purposes.

    If this is not possible then I will just inform my boss that it cannot be done.

    Consultants tried at least 20 scripts and they couldn't get what we need. Of course they were not paid and they will be trying in the future.

    Since this is a wider auditorium, maybe someone did this successfully.

    For example, I have 300 servers in domain.com. How do I get the list of local users on the remote servers? Is any GUI tool available for that?

    Nothing on Google.


    Dalibor Bosic

    Tuesday, December 20, 2016 3:41 PM

All replies

  • employ better consultants
    Tuesday, December 20, 2016 3:42 PM
  • This script here seems to work.

    https://gallery.technet.microsoft.com/scriptcenter/Script-to-retrieve-all-b70a1dba

    Also, you can download PsTools and do

    PSEXEC \\computer NET user

    Maybe a start; I would assume security would need to be set properly on the servers. Also, the first script lists nothing on a domain controller, where Net user will list AD users.

    Tuesday, December 20, 2016 4:02 PM
  • Get-WmiObject : Invalid query
    At line:8 char:38
    +     $AllLocalAccounts = Get-WmiObject <<<<  -Class Win32_UserAccount -Namespace "root\cimv2" `
        + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], ManagementException
        + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

    The term '-Filter' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
    At line:9 char:12
    +     -Filter <<<<  "LocalAccount='$True'" -ComputerName $Computer -ErrorAction Stop
        + CategoryInfo          : ObjectNotFound: (-Filter:String) [], CommandNotFoundException
        + FullyQualifiedErrorId : CommandNotFoundException

    The first script gives me this error.

     

    Dalibor Bosic

    Tuesday, December 20, 2016 5:05 PM
  • This script is advertised to retrieve local accounts on all computers but only retrieves them on the computer that it is run on.


    Param
    (
        # Defaults to the local computer when -ComputerName is not supplied
        [Parameter(Position=0,Mandatory=$false)]
        [ValidateNotNullorEmpty()]
        [Alias('cn')][String[]]$ComputerName=$Env:COMPUTERNAME,
        [Parameter(Position=1,Mandatory=$false)]
        [Alias('un')][String[]]$AccountName,
        [Parameter(Position=2,Mandatory=$false)]
        [Alias('cred')][System.Management.Automation.PsCredential]$Credential
    )

    # Collects one object per local account across all computers queried
    $Obj = @()

    Foreach($Computer in $ComputerName)
    {
        # Query local accounts only over WMI; -ErrorAction Stop makes a failed
        # query on any computer a terminating error
        If($Credential)
        {
            $AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" `
            -Filter "LocalAccount='$True'" -ComputerName $Computer -Credential $Credential -ErrorAction Stop
        }
        else
        {
            $AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" `
            -Filter "LocalAccount='$True'" -ComputerName $Computer -ErrorAction Stop
        }

        Foreach($LocalAccount in $AllLocalAccounts)
        {
            $Object = New-Object -TypeName PSObject

            $Object|Add-Member -MemberType NoteProperty -Name "Name" -Value $LocalAccount.Name
            $Object|Add-Member -MemberType NoteProperty -Name "Full Name" -Value $LocalAccount.FullName
            $Object|Add-Member -MemberType NoteProperty -Name "Caption" -Value $LocalAccount.Caption
            $Object|Add-Member -MemberType NoteProperty -Name "Disabled" -Value $LocalAccount.Disabled
            $Object|Add-Member -MemberType NoteProperty -Name "Status" -Value $LocalAccount.Status
            $Object|Add-Member -MemberType NoteProperty -Name "LockOut" -Value $LocalAccount.LockOut
            $Object|Add-Member -MemberType NoteProperty -Name "Password Changeable" -Value $LocalAccount.PasswordChangeable
            $Object|Add-Member -MemberType NoteProperty -Name "Password Expires" -Value $LocalAccount.PasswordExpires
            $Object|Add-Member -MemberType NoteProperty -Name "Password Required" -Value $LocalAccount.PasswordRequired
            $Object|Add-Member -MemberType NoteProperty -Name "SID" -Value $LocalAccount.SID
            $Object|Add-Member -MemberType NoteProperty -Name "SID Type" -Value $LocalAccount.SIDType
            $Object|Add-Member -MemberType NoteProperty -Name "Account Type" -Value $LocalAccount.AccountType
            $Object|Add-Member -MemberType NoteProperty -Name "Domain" -Value $LocalAccount.Domain
            $Object|Add-Member -MemberType NoteProperty -Name "Description" -Value $LocalAccount.Description

            $Obj+=$Object
        }
    }

    # Output once, after every computer has been queried, so accounts from
    # earlier computers are not emitted again on each pass of the loop
    If($AccountName)
    {
        Foreach($Account in $AccountName)
        {
            $Obj|Where-Object{$_.Name -like "$Account"}
        }
    }
    else
    {
        $Obj
    }


    Dalibor Bosic

    Tuesday, December 20, 2016 5:19 PM
  • Answer found. PowerShell is not capable of doing this; there are some GUI tools available specifically for this function. I have talked with one MVP and he says PowerShell cannot do this, there is no point to try.

    Easy to do it on a single computer but not on every computer in the domain (at least servers).


    Dalibor Bosic

    Tuesday, December 20, 2016 6:41 PM
  • The script worked for me before I suggested it; you have to call the script with the server name. If it's not working, it's likely a security issue with WMI; if it's simply WMI security, try running "winrm quickconfig" on the server before running the script.

    Once you make it work for one computer, then it's simply sending the list of servers to the script. Unfortunately you may have to run the winrm quickconfig on all of them once to make it work.

    Tuesday, December 20, 2016 7:21 PM
  • .\GetLocalAccount.ps1 server1, server2 | ft

    This command will run for two computers and display in table format instead of list.

    Tuesday, December 20, 2016 7:23 PM
  • Dalibor,

    Doesn't seem too difficult to me. I've not used PowerShell for this purpose but the task seems rather reasonable. I would start with the error log.

    Esis

    Tuesday, December 20, 2016 11:12 PM
  • I have the list of all the servers output in a CSV file, so that cannot be used. If I have to put every server name in the script then I can engage more people, and since we have only around 500 servers each person can manually log in to every single server and get this list individually.

    Anyway, this is supposed to be done for auditing purposes, but if it cannot be done it's OK. I am about to close this thing and auditors may do what they want.

    Not worth too much time to spend on this; if it is too complicated then I will just leave it the way it is. It is just auditors that I don't care much about.

    Is there any GUI tool that you may know about that would do this without all the hassle? If any tool is available I don't mind buying it, because it may serve other purposes as well. I have heard of LAN SWEEPER and will give this a try, but since auditors come very soon this is too late now.

    But that GUI tool may be useful in future.


    Dalibor Bosic

    Wednesday, December 21, 2016 12:14 AM
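
An added example, not written by any poster in this thread: one way to feed a CSV list of servers into the same Win32_UserAccount query and write the audit result back out as CSV. The file names and the "Name" column are assumptions, and it targets Windows PowerShell, where Get-WmiObject is available.

```powershell
# Added example: audit local accounts on every server named in a CSV file.
# Assumed: servers.csv has a "Name" column; all file names are hypothetical.
param(
    [string]$ServerList = '.\servers.csv',
    [string]$OutFile    = '.\local-accounts.csv',
    [string]$FailFile   = '.\not-audited.csv'
)

$servers  = @(Import-Csv -Path $ServerList | ForEach-Object { $_.Name } | Where-Object { $_ })
$accounts = @()
$failures = @()

foreach ($server in $servers) {
    try {
        # Same WMI query as the script posted above, written on one line so it
        # does not rely on a backtick line continuation.
        $found = Get-WmiObject -Class Win32_UserAccount -Namespace 'root\cimv2' -Filter "LocalAccount='True'" -ComputerName $server -ErrorAction Stop

        foreach ($a in $found) {
            $accounts += New-Object PSObject -Property @{
                Computer         = $server
                Name             = $a.Name
                Disabled         = $a.Disabled
                Lockout          = $a.Lockout
                PasswordRequired = $a.PasswordRequired
                PasswordExpires  = $a.PasswordExpires
                SID              = $a.SID
                Description      = $a.Description
            }
        }
    }
    catch {
        # An unreachable or access-denied server is recorded, not fatal, so the
        # audit shows which hosts were not covered.
        $failures += New-Object PSObject -Property @{
            Computer = $server
            Error    = $_.Exception.Message
        }
    }
}

$accounts | Select-Object Computer, Name, Disabled, Lockout, PasswordRequired, PasswordExpires, SID, Description |
    Export-Csv -Path $OutFile -NoTypeInformation
$failures | Select-Object Computer, Error | Export-Csv -Path $FailFile -NoTypeInformation
"{0} accounts from {1} servers; {2} servers not audited" -f $accounts.Count, ($servers.Count - $failures.Count), $failures.Count
```

The second CSV lists each server that could not be queried together with the error message, which is the starting point for fixing WMI access or firewall rules on those hosts.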
  • Hi,

    >>Is there any GUI tool that you may know about that would do this without all the hassle

    You could try this GUI tool:

    Windows local Users Management Tool

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best regards,

    Andy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by cer113 Wednesday, December 21, 2016 3:26 AM
    Wednesday, December 21, 2016 2:29 AM
    Moderator
  • Hi

    Yes, this is very workable. It doesn't export CSV for a group of computers, only for individual ones, but it will do the job. I only have 500 servers, so maybe in a few days I will have most of the computers selected and then be able to see the users.

    Thanks a lot


    Dalibor Bosic

    Wednesday, December 21, 2016 3:26 AM
  • You're welcome!



    Wednesday, December 21, 2016 3:41 AM
    Moderator
  • Otherwise, you can also try using this free Lepide active directory query tool which should be an ideal solution to fetch such AD users report.
    Wednesday, December 21, 2016 7:48 AM