Hello
I am trying to work out a way to get a report of all local administrators for a group of servers. The servers are on multiple domains, and some are not on any domain. I have a common account which has the same username and password on all systems. I think that account should be enough to run this?
I need to get a list of all the local admin accounts on each server in the list. These may be local accounts or domain accounts, and I need to get at least the last login time for each of the admins.
The script below works great for getting a report of local admins. How can I get it to provide the last login date/time for each of the local admins, and ensure it also reports the users who are members of any groups that have been added to the local admins group?
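<#
.SYNOPSIS
    Reports the direct members of a local group (default: Administrators) on
    one or more computers.

.DESCRIPTION
    For each computer the script sends one ping, binds to the local group
    through the ADSI WinNT provider and appends one CSV row per direct member
    to Local_Report.CSV in the output folder.

    Points to keep in mind when reading the report:
      * The script passes no credential to the query, so access to each
        target depends on the account running the script.
      * Only direct members are listed. A group that is itself a member is
        written as a single LocalGroup/DomainGroup row and is not expanded.
      * Last-logon times are not collected.
      * "Offline" and "QueryFailed" rows mean the computer was NOT audited,
        not that it has no administrators. The reachability test is an ICMP
        ping, so a host that drops ICMP is reported as Offline.
      * Values are written unquoted; a name containing a comma shifts the
        columns of that row.

.PARAMETER ComputerName
    One or more computer names. Accepts pipeline input. Defaults to the
    local computer.

.PARAMETER GroupName
    Local group whose membership is reported. Defaults to "Administrators".

.PARAMETER OutputFolder
    Folder that receives Local_Report.CSV. Created if it does not exist.
#>
[CmdletBinding()]
Param(
    [Parameter(ValueFromPipeline = $true,
               ValueFromPipelineByPropertyName = $true)]
    # Array type so that -ComputerName a,b,c works with the ForEach below;
    # a single string still binds as before.
    [string[]]
    $ComputerName = $env:ComputerName,

    [Parameter()]
    [string]
    $GroupName = "Administrators",

    [Parameter()]
    [string]
    $OutputFolder = "c:\scripts\reports"
)

Begin {
    $OutputFile = Join-Path $OutputFolder "Local_Report.CSV"
    Write-Verbose "Script will write the output to $OutputFile folder"

    # Add-Content cannot create the parent folder, so make sure it exists.
    if (-not (Test-Path -LiteralPath $OutputFolder)) {
        New-Item -ItemType Directory -Path $OutputFolder -Force | Out-Null
    }

    # Rows are appended on every run; write the header only for a new file
    # so that repeated runs do not put header lines in the middle of the data.
    if (-not (Test-Path -LiteralPath $OutputFile)) {
        Add-Content -Path $OutputFile -Value "ComputerName, GroupName, QueryResult, ObjectType, DomainName, Name"
    }
}

Process {
    ForEach ($Computer in $ComputerName) {
        Write-Host "Working on $Computer"

        # Reachability check: a single ping. Unreachable hosts are recorded
        # rather than silently skipped, so gaps in coverage stay visible.
        if (-not (Test-Connection -ComputerName $Computer -Count 1 -Quiet)) {
            Write-Verbose "$Computer is offline. Proceeding with next computer"
            Add-Content -Path $OutputFile -Value "$Computer,$GroupName,Offline"
            continue
        }

        Write-Verbose "Working on $Computer"

        # Bind to the local group and enumerate its direct members.
        try {
            $group   = [ADSI]"WinNT://$Computer/$GroupName"
            $members = @($group.Invoke("Members"))
            Write-Verbose "Successfully queries the members of $Computer"

            if (-not $members) {
                Add-Content -Path $OutputFile -Value "$Computer,$GroupName,NoMembers"
                Write-Verbose "No members found in the group"
                continue
            }
        }
        catch {
            Write-Verbose "Failed to query the members of $Computer"
            # GroupName is included so QueryFailed lands in the QueryResult
            # column, like the Offline and NoMembers rows.
            Add-Content -Path $OutputFile -Value "$Computer,$GroupName,QueryFailed"
            continue
        }

        foreach ($member in $members) {
            try {
                # Members come back as COM objects; read their properties
                # through reflection.
                $memberType        = $member.GetType()
                $MemberDisplayName = $memberType.InvokeMember("Name", "GetProperty", $null, $member, $null)
                $ObjectType        = $memberType.InvokeMember("Class", "GetProperty", $null, $member, $null)
                $MemberPath        = $memberType.InvokeMember("ADSPath", "GetProperty", $null, $member, $null)

                # Reset per member so a value from the previous member can
                # never leak into this row.
                $DomainOfMember = $null

                # The named groups feed the $matches lookups below.
                # Two path segments before the name -> treated as a local
                # account (WinNT://<domainname>/<CompName>/<name>).
                if ($MemberPath -match '^WinNT://(?<domainname>\S+)/(?<CompName>\S+)/') {
                    if ($ObjectType -eq "User") {
                        $ObjectType = "LocalUser"
                    }
                    elseif ($ObjectType -eq "Group") {
                        $ObjectType = "LocalGroup"
                    }
                    # For local members the DomainName column carries the
                    # computer name taken from the path.
                    $DomainOfMember = $matches["CompName"]
                }
                # One path segment before the name -> treated as a domain
                # account (WinNT://<domainname>/<name>).
                elseif ($MemberPath -match '^WinNT://(?<domainname>\S+)/') {
                    if ($ObjectType -eq "User") {
                        $ObjectType = "DomainUser"
                    }
                    elseif ($ObjectType -eq "Group") {
                        $ObjectType = "DomainGroup"
                    }
                    $DomainOfMember = $matches["domainname"]
                }
                else {
                    $ObjectType     = ""
                    $DomainOfMember = "Unknown"
                }

                Add-Content -Path $OutputFile -Value "$Computer, $GroupName, SUCCESS, $ObjectType, $DomainOfMember, $MemberDisplayName"
            }
            catch {
                Write-Verbose "failed to query details of a member. Details $_"
                Add-Content -Path $OutputFile -Value "$Computer,$GroupName,QueryFailed"
            }
        }
    }
}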