HI,If I only have administrator users and other normal users, then this script will work correctly. If more than one of my users has administrator privileges, an error will be reported

            $localuser = foreach ($localusers in Get-LocalUser) { 
                $props = @{
                    'Name'                   = $localusers.Name;
                    'Enabled'                = $localusers.Enabled;
                    'FullName'               = $localusers.FullName;
                    'PasswordRequired'       = $localusers.PasswordRequired;
                    'UserMayChangePassword'  = $localusers.UserMayChangePassword;
                    'PasswordChangeableDate' = $localusers.PasswordChangeableDate ;
                    'PasswordExpires'        =  $localusers.PasswordExpires;
                    'PasswordLastSet'        = if ($null -eq $localusers.PasswordLastSet) { " " }else { $localusers.PasswordLastSet.toString() };
                    'LastLogon'              = if ($null -eq $localusers.LastLogon) { " " } else { $localusers.LastLogon.toString() };
                    'Groups'                 = (([ADSI]"WinNT://$env:COMPUTERNAME").Children | Where-Object { $_.SchemaClassName -eq 'user' } | Foreach-Object {
                                                $groups = $_.Groups() | Foreach-Object { $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) }
                                                $_ | Select-Object @{n = 'UserName'; e = { $_.Name } }, @{n = 'Groups'; e = { $groups -join ';' } }
                                                } | Select-string $localusers.Name).ToString().Split(" ")[1].Split("=")[1].TrimEnd("}");
                    'SID'                    = $localusers.SID.Value;
                    'SIDBinaryLength'        = $localusers.SID.BinaryLength;
                    'Description'            = $localusers.Description;
                    'hostname'               = [Environment]::MachineName
                }
                New-Object -TypeName PSObject -Property $props
            }
            $localuser | Select-Object hostname, Name, Enabled, FullName, Description, Groups , PasswordRequired, UserMayChangePassword,

error code:

You cannot call a method on a null-valued expression.
Location Line: 11 Characters: 100
+ ... alusers.LastLogon) { " " } else { $localusers.LastLogon.toString() };
+                                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [],RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

The error message complains about something else though. :wink:

I’d try to change this:

'LastLogon' = if ($null -eq $localusers.LastLogon) { " " } else { $localusers.LastLogon.toString() };

to this:

'LastLogon' = if ($localusers.LastLogon) { 'n/a' } else { $localusers.LastLogon.toString() };

I found the problem is with this part of the script:

Select-string $localusers.Name).ToString().Split(" ")[1].Split("=")[1].TrimEnd("}");

I narrowed it down by commenting out the lines until it only affected the Groups section, then gradually commenting out the pipeline elements.

Try it like this:

$groupMembers = foreach ($localGroup in Get-LocalGroup) {
    [PSCustomObject] @{
        Name = $localGroup.Name
        Members = Get-LocalGroupmember $localGroup | Select-Object -ExpandProperty Name | ForEach-Object { ($_ -split '\\')[1] }
    }
}

$userInfo = foreach ($localUser in Get-LocalUser) {
    [PSCustomObject] @{
        Name                   = $localUser.Name
        Enabled                = $localUser.Enabled
        FullName               = $localUser.FullName
        PasswordRequired       = $localUser.PasswordRequired
        UserMayChangePassword  = $localUser.UserMayChangePassword
        PasswordChangeableDate = $localUser.PasswordChangeableDate 
        PasswordExpires        = $localUser.PasswordExpires
        PasswordLastSet        = if ($null -eq $localUser.PasswordLastSet) { " " }else { $localUser.PasswordLastSet.toString() }
        LastLogon              = if ($null -eq $localUser.LastLogon) { " " } else { $localUser.LastLogon.toString() }
        Groups                 = ($groupMembers | Where-Object { $_.Members -contains $localUser.Name } | Select-Object -ExpandProperty Name) -join ', '
        SID                    = $localUser.SID.Value
        SIDBinaryLength        = $localUser.SID.BinaryLength
        Description            = $localUser.Description
        Hostname               = $env:ComputerName
    }
}

$userInfo
1 Like

The problem was solved.Thanks.

Don’t you like to share your solution here? This might help others comming here looking for a solution for the same or a similar problem. :wink:

$localuser = foreach ($localusers in Get-LocalUser) {
                $props = @{
                    'Name'                   = $localusers.Name;
                    'Enabled'                = $localusers.Enabled;
                    'FullName'               = $localusers.FullName;
                    'PasswordRequired'       = $localusers.PasswordRequired;
                    'UserMayChangePassword'  = $localusers.UserMayChangePassword;
                    'PasswordChangeableDate' = if ($null -eq $localusers.PasswordChangeableDate) { " " }else { $localusers.PasswordChangeableDate.toString() };
                    'PasswordExpires'        = if ($null -eq $localusers.PasswordExpires) { " " }else { $localusers.PasswordExpires.toString() };
                    'PasswordLastSet'        = if ($null -eq $localusers.PasswordLastSet) { " " }else { $localusers.PasswordLastSet.toString() };
                    'LastLogon'              = if ($null -eq $localusers.LastLogon) { " " }else { $localusers.LastLogon.toString() };
                    'Groups'                 = (([ADSI]"WinNT://$env:COMPUTERNAME").Children | Where-Object { $_.SchemaClassName -eq 'user' } | Foreach-Object {
                                                $groups = $_.Groups() | Foreach-Object { $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) }
                                                $_ | Select-Object @{n = 'UserName'; e = { $_.Name } }, @{n = 'Groups'; e = { $groups -join ';' } }
                                                } | Select-string $("UserName="+$localusers.Name)).ToString().Split(" ")[1].Split("=")[1].TrimEnd("}");
                    'SID'                    = $localusers.SID.Value;
                    'SIDBinaryLength'        = $localusers.SID.BinaryLength;
                    'Description'            = $localusers.Description;
                    'hostname'               = [Environment]::MachineName
                }
                New-Object -TypeName PSObject -Property $props
            }
            $localuser | Select-Object hostname, Name, Enabled, FullName, Description, Groups , PasswordRequired, UserMayChangePassword, PasswordChangeableDate, PasswordExpires, PasswordLastSet, LastLogon, SID, SIDBinaryLength | ConvertTo-Json

[
    {
        "hostname":  "WINDOWSTEST1",
        "Name":  "Administrator",
        "Enabled":  true,
        "FullName":  "",
        "Description":  "管理计算机(域)的内置帐户",
        "Groups":  "Administrators;Users",
        "PasswordRequired":  true,
        "UserMayChangePassword":  true,
        "PasswordChangeableDate":  "2021/11/23 20:18:10",
        "PasswordExpires":  " ",
        "PasswordLastSet":  "2021/11/22 20:18:10",
        "LastLogon":  "2022/7/12 15:56:54",
        "SID":  "S-1-5-21-1085255729-2531831036-1851133783-500",
        "SIDBinaryLength":  28
    },
    {
        "hostname":  "WINDOWSTEST1",
        "Name":  "DefaultAccount",
        "Enabled":  false,
        "FullName":  "",
        "Description":  "系统管理的用户帐户。",
        "Groups":  "System",
        "PasswordRequired":  false,
        "UserMayChangePassword":  true,
        "PasswordChangeableDate":  " ",
        "PasswordExpires":  " ",
        "PasswordLastSet":  " ",
        "LastLogon":  " ",
        "SID":  "S-1-5-21-1085255729-2531831036-1851133783-503",
        "SIDBinaryLength":  28
    },
    {
        "hostname":  "WINDOWSTEST1",
        "Name":  "Guest",
        "Enabled":  false,
        "FullName":  "",
        "Description":  "供来宾访问计算机或访问域的内置帐户",
        "Groups":  "Guests",
        "PasswordRequired":  false,
        "UserMayChangePassword":  false,
        "PasswordChangeableDate":  " ",
        "PasswordExpires":  " ",
        "PasswordLastSet":  " ",
        "LastLogon":  " ",
        "SID":  "S-1-5-21-1085255729-2531831036-1851133783-501",
        "SIDBinaryLength":  28
    },
    {
        "hostname":  "WINDOWSTEST1",
        "Name":  "user1",
        "Enabled":  true,
        "FullName":  "user1",
        "Description":  "",
        "Groups":  "Administrators;Users",
        "PasswordRequired":  true,
        "UserMayChangePassword":  true,
        "PasswordChangeableDate":  "2022/7/12 23:39:56",
        "PasswordExpires":  "2022/8/22 23:39:56",
        "PasswordLastSet":  "2022/7/11 23:39:56",
        "LastLogon":  " ",
        "SID":  "S-1-5-21-1085255729-2531831036-1851133783-1023",
        "SIDBinaryLength":  28
    },
    {
        "hostname":  "WINDOWSTEST1",
        "Name":  "user2",
        "Enabled":  true,
        "FullName":  "user2",
        "Description":  "",
        "Groups":  "Users;Administrators",
        "PasswordRequired":  true,
        "UserMayChangePassword":  false,
        "PasswordChangeableDate":  "2022/7/13 10:10:10",
        "PasswordExpires":  " ",
        "PasswordLastSet":  "2022/7/12 10:10:10",
        "LastLogon":  " ",
        "SID":  "S-1-5-21-1085255729-2531831036-1851133783-1024",
        "SIDBinaryLength":  28
    },
    {
        "hostname":  "WINDOWSTEST1",
        "Name":  "WDAGUtilityAccount",
        "Enabled":  false,
        "FullName":  "",
        "Description":  "系统为 Windows Defender 应用程序防护方案管理和使用的用户帐户。",
        "Groups":  "",
        "PasswordRequired":  true,
        "UserMayChangePassword":  true,
        "PasswordChangeableDate":  "2021/11/23 19:57:56",
        "PasswordExpires":  "2022/1/3 19:57:56",
        "PasswordLastSet":  "2021/11/22 19:57:56",
        "LastLogon":  " ",
        "SID":  "S-1-5-21-1085255729-2531831036-1851133783-504",
        "SIDBinaryLength":  28
    }
]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.