Quantcast
Channel: Windows PowerShell forum
Viewing all articles
Browse latest Browse all 21975

Getting All Local Groups, Group Members and Local accounts on all Servers

September 19, 2014, 9:32 am
$
0
0

Hello Everyone,

Sorry if this has been covered already, but I didnt see anything that quite answered my question.

I've been given the task of generating an Access Control List here at work and I've managed to piece together a few scripts that gets me so close it's frustrating.

The script I have now will parse through a text file with all my Windows servers listed in it and it does output in the console the server name, all of the groups on the server (Administrators, Remote Users, Backup Operators, etc.) and all the individual members of those groups and nested groups.

However, I can't seem to get it to export to a CSV for easy digestion.  I've tried to pipe the export-csv command, but the csv it gives me doesnt have any useful information in it.

Here is the script:

$list =@() 
$Servers=Get-Content ListOfComputers.txt

foreach($server in $Servers) {
$server | % {
	$server = $_
	$server
	$computer = [ADSI]"WinNT://$server,computer"
	$computer.psbase.children | where { $_.psbase.schemaClassName -eq 'group' } | foreach {"`tGroup: " + $Group.Name
		$group =[ADSI]$_.psbase.Path
		$group.psbase.Invoke("Members") | foreach {
			$us = $_.GetType().InvokeMember("Adspath", 'GetProperty', $null, $_, $null)
			$us = $us -replace "WinNT://",""
			$class = $_.GetType().InvokeMember("Class", 'GetProperty', $null, $_, $null)
			$list += new-object psobject -property @{Group = $group.Name;Member=$us;MemberClass=$class;Server=$server}"`t`tMember: $us ($Class)"
		    }
	    }
    }
}

The format it pumps out to the console is good, other than it's somewhat upside down, the members are all listed above the group name such as below, where there's no members in the Administrators group, but User1, 2 and 3 are part of the Remote Desktop Group. This isn't horrible as I can cut and paste it out of the console and into a spreadsheet, but then i have to shift things up a row and doing that for the entire list is going to be way more work than I'd like.

Server01

Administrators

User1

User2

User3

Remote Desktop Users

When I use export-csv on the script above I get a bunch of numbers rather than groups or members like this:


Length
13
51
40
35
63
63
35
32

Hopefully, there's someone out there who can help me tweak this script so that I can just dump it all to a csv and be done, with little to no massaging of the data afterward.

Thanks in advance,

Tyler

Search
Viewing all articles
Browse latest Browse all 21975
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>