Home > PowerShell Scripting, Scripting, Windows Server > Retrieve a list of local administrators using Powershell.

Retrieve a list of local administrators using Powershell.

Although a large number of scripts are available already for this job, most of them do not include an option to enumerate a remote machine.

My script uses WMI, allows you to query remote machines and returns objects for future use.

Thanks to my colleague Jason for the inspiration and help with this script!

function get-localadministrators {
    param ([string]$computername=$env:computername)

    $computername = $computername.toupper()
    $ADMINS = get-wmiobject -computername $computername -query "select * from win32_groupuser where GroupComponent=""Win32_Group.Domain='$computername',Name='administrators'""" | % {$_.partcomponent}

    foreach ($ADMIN in $ADMINS) {
                $admin = $admin.replace("\\$computername\root\cimv2:Win32_UserAccount.Domain=","") # trims the results for a user
                $admin = $admin.replace("\\$computername\root\cimv2:Win32_Group.Domain=","") # trims the results for a group
                $admin = $admin.replace('",Name="',"\")
                $admin = $admin.REPLACE("""","")#strips the last "

                $objOutput = New-Object PSObject -Property @{
                    Machinename = $computername
                    Fullname = ($admin)
                    DomainName  =$admin.split("\")[0]
                    UserName = $admin.split("\")[1]
                }#end object

    $objreport+=@($objoutput)
    }#end for

    return $objreport
}#end function

get-localadministrators
  1. Nick
    June 23, 2011 at 4:49 pm

    Can you specify a little more how I would query remote computers with this script?

  2. Nick
    June 23, 2011 at 5:17 pm

    Nevermind I figured it out! Also is there a way to go through each of the groups it finds and list whoever is in there?

    • June 23, 2011 at 7:32 pm

      Hi Nick, thanks for taking the time to post feedback!

      I’ll look at enumerating nested groups for you later this evening.

      Cheers!

      A

      • Nick
        July 12, 2011 at 8:07 pm

        Any luck my friend? Just wondering if you ever got the enumerating portion going?

        Thanks!

    • June 3, 2013 at 8:36 pm

      Nick,

      Not sure if you need this, but I needed it – this script block works for me…

      $LocalGroups = gwmi win32_group|?{$_.domain -eq $env:computername}|select -ExpandProperty Name
      Foreach($localGroup in $LocalGroups)
      {
      “Members in the $localgroup :”
      $computer = [adsi](“WinNT://”+$env:COMPUTERNAME+”,computer”)
      #$computer.psbase.children.find(“$localGroup”)
      $group = $computer.psbase.children.find(“$localGroup”)
      $group.psbase.invoke(“Members”)|%{$_.gettype().InvokeMember(“Adspath”,’GetProperty’,$null, $_, $null)}
      “”

      }

      Everything I run is wrapped into a scriptblock and executed remotely, which is how I get away with using variables like $env:computername.

      Hope this helps.

  3. July 29, 2011 at 8:59 pm

    Hi Nick,

    I have attempted to do this, but I’m sorry to say I don’t have the time to get you a full module to enumerate all groups.

  4. Nick
    July 29, 2011 at 9:13 pm

    No worries! Thanks for the attempt I appreciate it.

  5. Meridian
    July 25, 2012 at 3:53 pm

    How would I modify this to read a text file of predefined computer names into the function get-localadministrators?

  6. July 25, 2012 at 3:58 pm

    Hi Meridian,

    put each server name on a line in your text file

    get-content “c:\bla\bla\bla\servers.txt” | % {get-localadministrators $_}

    • Jim
      August 2, 2012 at 7:44 pm

      Script works fine against local computer, but adding
      get-content “c:\path\filename.txt” | % {get-localadministrators $_} for additional machines on a new line anywhere in the script results in errors.

  7. August 3, 2012 at 12:19 pm

    hi Jim,

    this works ok for me as follows:

    “server1″,”server2” | % {get-localadministrators -computername $_}

  8. JohnD
    October 1, 2012 at 2:20 pm

    Thanks Andrew!
    Just what I needed.

  9. Chris
    January 2, 2013 at 5:12 pm

    I’m still confused on how to query a remote computer whith this script? Can anyone explane?

    • January 2, 2013 at 7:10 pm

      Hi Chris,

      Does:

      Get-localadministrators -computername “computer01”

      Not work?

  10. Jim
    March 6, 2013 at 5:22 pm

    Im having problems getting this to read from a file with a list of computers. Im new to scripting so what do i need to put where inorder to do this. I would also like to get the output to a text file.
    Thanks

  11. March 7, 2013 at 9:29 pm

    Hi Jim, try:

    Get-content “c:\file.txt” | % {get-localadministrators -computername $_}

    To read from a text fie, if that works report back and ill tackle your second request.

  12. David
    March 19, 2013 at 4:30 pm

    For some reason, the script only shows the users on the local machine, not the machine indicated by the -computername parameter.

    Any ideas?

    • akismet-7f1e5b87853339fcf4717a0bcfd0e4c1
      April 5, 2013 at 1:05 pm

      David, add the following line after the function:

      foreach($server in (gc .\masterserver.txt)){get-localadministrators -computername $server}

      Change .\masterserver.txt to the path of a text file that has a list of your servers one per line.

      • Terry
        June 26, 2013 at 11:05 pm

        I hate to ask this but I am an absolute beginner. Can you show exactly where to add this? I added it where what I thought was after the function but I get nothing but errors.

      • June 27, 2013 at 11:46 pm

        Add what terry? The computername?

  13. Ratheesh
    May 1, 2013 at 9:39 pm

    Hi,
    How to export the result to .csv

  14. Terry
    June 28, 2013 at 1:25 am

    foreach($server in (gc .\masterserver.txt)){get-localadministrators -computername $server}

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: