-
Notifications
You must be signed in to change notification settings - Fork 0
/
Get-sjLocalAdministrators-Function.ps1
69 lines (62 loc) · 2.92 KB
/
Get-sjLocalAdministrators-Function.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
Function Get-sjLocalAdministrators {
<#
.NOTES
Steve Schofield
http://weblogs.asp.net/steveschofield/archive/2009/01/08/list-local-administrators-on-a-machine-using-powershell-adsi.aspx
Modified by Steven Judd to be a function, add a parameter for computername, and output result as an object
Updated by Steven Judd on 8/13/2014 to be a function
Version 20140813.1 (please use yyyymmdd.x notation)
.SYNOPSIS
Function to list the local admins of a computer
.DESCRIPTION
This function will connect to a computer or a list of computers and return
a list of users or groups that are part of the local "administrators" group.
.LINK
https://github.com/stevenjudd
.PARAMETER Name
This is either a single computername or an array of computer names. It can
take a value from the pipeline. It also supports the alias of computername
and host.
.EXAMPLE
Get-sjLocalAdministrators
This command runs the script and will prompt for the names of the computers
the return the local administrators.
.EXAMPLE
Get-sjLocalAdministrators -Name server1,server2
This command runs the script and will return the local administrators of
the "server1" and "server2" computers.
.EXAMPLE
Get-sjLocalAdministrators -Name (Get-Content .\serverlist.txt)
This command runs the script and will return the local administrators of
the computer names found in the file serverlist.txt.
.EXAMPLE
Get-ADComputer | Get-sjLocalAdministrators
This command uses the ActiveDirectory cmdlet Get-ADComputer to connect to
Active Directory and return all of the computernames. It pipes the Name
field to Get-sjLocalAdministrators, returning all the local administrator
accounts for all computers in the domain.
#>
Param(
[parameter(
Mandatory = $false,
ValueFromPipeline = $true,
ValueFromPipelineByPropertyName = $true)]
[Alias('host', 'computername')]
[String[]]$Name = $env:COMPUTERNAME #Specify the Computernames to check RDP sessions
)
Begin {}
Process {
Foreach ($item in $Name) {
$computerObj = [ADSI]("WinNT://" + $item + ",computer")
$Group = $computerObj.psbase.children.find("Administrators")
$members = $Group.psbase.invoke("Members") | ForEach-Object { $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) }
foreach ($user in $members) {
[PSCustomObject]@{
'ComputerName' = $item;
'LocalAdmin' = $user
}
} #end foreach $user in $members
} #end foreach $item in $name
} #end process
End {}
} #end Function Get-sjLocalAdministrators