Get All local members and groups displayed together

Wawa41 · Jan 22, 2014 · Viewed 21.1k times

So far I have the below script, which works like a charm but only lists the members of the group "Administrators". As my servers might be German, French ..., I have no guarantee that such a group will exist under the English name. So I want to adapt it to collect all groups and associated members instead of only Administrators... bummer, I am stuck on a specific step.

The script below lists all users that are in non-empty local groups. However, I would also like to get in my CSV the name of the group the user is part of, for clearer interpretation.

Can someone help me with this? I am a bit stuck, and over next to nothing.

$Servers = Get-Content ListOfComputers.txt
$output = 'ListOfLocalAdministratorsGroup.csv'
$results = @()

foreach($server in $Servers)
{
    $admins = @()
    $computer = [ADSI]"WinNT://$server"
    $computer.psbase.children | where { $_.psbase.schemaClassName -eq 'group' } | foreach {
        $group = [ADSI]$_.psbase.Path
        $members = @($group.psbase.Invoke("Members"))
        $members | foreach {
            $obj = new-object psobject -Property @{
                Server = $Server
                Admin = $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)
            }
            $admins += $obj
        }
    }
    $results += $admins
}
$results | Export-csv $Output -NoTypeInformation

Answer

Trondh · Jan 22, 2014

The local administrators group will always have the following SID: S-1-5-32-544 (documented at "Well-known security identifiers in Windows operating systems").

So, you can add the following to your script to get the correct group name:

$objSID = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$objgroup = $objSID.Translate( [System.Security.Principal.NTAccount])
$objgroupname = ($objgroup.Value).Split("\")[1]
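
Added example, not code from the question or the answer: the question's loop extended with a Group column, with the Administrators group identified by the well-known SID from the answer, read from each group's `objectSid` on the target server so the check does not depend on the localized group name. The function name `Get-LocalGroupMembership`, the `GroupSid` and `IsAdministrators` columns and the output file name are assumptions; it assumes PowerShell 3.0 or later on Windows.

```powershell
# Added example: one output row per (server, local group, member).
# Get-LocalGroupMembership is a hypothetical name, not an existing cmdlet.
function Get-LocalGroupMembership {
    param(
        # Defaults to the local machine so the function runs without a server list.
        [string[]]$ComputerName = $env:COMPUTERNAME
    )
    foreach ($server in $ComputerName) {
        try {
            $computer = [ADSI]"WinNT://$server,computer"
            $groups = @($computer.psbase.Children |
                Where-Object { $_.psbase.SchemaClassName -eq 'group' })
        } catch {
            # Unreachable or access-denied hosts are reported, not silently skipped.
            Write-Warning "Cannot enumerate groups on ${server}: $($_.Exception.Message)"
            continue
        }
        foreach ($group in $groups) {
            $groupName = [string]$group.psbase.Properties['Name'].Value
            # objectSid is a byte array; the SID string is language-independent.
            $sidBytes = [byte[]]$group.psbase.Properties['objectSid'].Value
            $groupSid = (New-Object System.Security.Principal.SecurityIdentifier($sidBytes, 0)).Value
            foreach ($member in @($group.psbase.Invoke('Members'))) {
                [pscustomobject]@{
                    Server           = $server
                    Group            = $groupName
                    GroupSid         = $groupSid
                    # S-1-5-32-544 is the SID given in the answer above.
                    IsAdministrators = ($groupSid -eq 'S-1-5-32-544')
                    Member           = $member.GetType().InvokeMember(
                        'Name', 'GetProperty', $null, $member, $null)
                }
            }
        }
    }
}

# Local machine only; the CSV file name is a constructed placeholder.
Get-LocalGroupMembership | Export-Csv 'LocalGroupMembers.csv' -NoTypeInformation
```

To cover the servers from the question, pass the list instead: `Get-LocalGroupMembership -ComputerName (Get-Content ListOfComputers.txt)`.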