Script that collect information about connected user

Hello guys,

This time i tried to write a script that collect information about local administrator Users, print it in .txt named with the name of the laptop + the creation date. than send it to a local repertory and somewhere else on a NAS.

the script work perfectly on my laptop but not on other laps i had diffrent error like :

Get-LocalGroupMember: Impossible de comparer deux éléments dans le tableau.

Corbeille Au caractère C:\Users\bedouia\Downloads\Utilisateur envoie Utilisateur envoie listeutilisateur.ps1:33: 29 e Utilisateur = Get-Local GroupMember -Name "Administrateurs" Selec ...

: NotSpecified: (:) [Get-LocalGroupMember), InvalidoperationException + FullyqualifiedErrorId: Une erreur non spécifiée s'est produite., Microsoft PowerShell.Commands.GetLocalGroupMemb

+ CategoryInfo

erCommand

Google Chrom 163.*.*.73\Adminlocal compte : Le terme «\\163.*.*.73\Adminlocalcomptes n'est pas reconnu comme nom d'applet de commande, fonction, fichier de script ou programme exécutable. Vérifiez l'orthographe du nom, ou si un chemin d'acces existe, vérifiez que le chemin d'accès est correct et réessayez. I Au caractère C:\Users\bedouia Downloads\Utilisateur envoie utilisateur envoie listeutilisateur.ps1:59: 9

Suri=\\163.*.*.73\Adminlocal compte

: ObjectNotFound: (\\163.*.*.73​​​​​​​\Adminlocal compte:String), CommandNotFoundException FullyqualifiedErrorId: CommandNotFoundException

CategoryInfo

My script is :


        $Nam = Get-CimInstance -ClassName Win32_ComputerSystem | Select Name
        $Sam = $Nam.Name
        $date =Get-Date -uformat "%Y%m%d"
        $fichier = $Sam+"_"+$date+".txt"


function Liste_Utilisateurs {
    Begin {

        $userid = $env:username
        $fichier = $Sam+"_"+$date+".txt"
    }
    Process {
     
      $Liste_Utilisateur =  Get-LocalGroupMember -Name "Administrateurs" | Select Name 
    }
    End {
            Return $Liste_Utilisateur
    }
}

Liste_Utilisateurs | Out-File  $fichier 

#######################
#                     #
# Envoie de fichier   #
#                     #
#######################
 
 #Envoie le fichier localement 


 $uri ='C:\Windows\Temp'
  Copy-Item $fichier $uri




 #envoie le fichier sur le Nas 
 $uri = \\163.*.*.*.*\Adminlocalcompte
 Copy-Item $fichier $uri 
 
  

  pause 

and i put a little bat script to lunch my powershell script with a bypass policy

@ECHO OFF

SET ThisScriptsDirectory=%~dp0

PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""%ThisScriptsDirectory%listeutilisateur.ps1""' -Verb RunAs}"

any idea why is this happening

Thanks in advance.

I think you are overcomplicating this. This should be all you need actually:

$FileName = $env:COMPUTERNAME + $(Get-Date -Format '_yyyyMMdd') + '.txt'
$FilePath = Join-Path -Path $([System.IO.Path]::GetTempPath()) -ChildPath $FileName

(Get-LocalGroupMember -Name 'Administrateurs').Name | Out-File -FilePath $FilePath

$uri = '\\163.*.*.*\Adminlocalcompte'
Copy-Item -Path $FilePath -Destination $uri 

How do you like to run this script? If a user is supposed to run it you could create a shortcut with the following command line:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -ExecutionPolicy Bypass -File 'CompletePath\Script.ps1'

yes a User should run this script with a simple click that’s why i made a bat luncher with this commande line

@ECHO OFF

SET ThisScriptsDirectory=%~dp0

PowerShell -NoProfile -ExecutionPolicy Bypass -Command "& {Start-Process PowerShell -ArgumentList '-NoProfile -ExecutionPolicy Bypass -File ""%ThisScriptsDirectory%listeutilisateur.ps1""' -Verb RunAs}"

it will be in the same file with my script

hi again,
A user tried to run the script but he recive this error every time

Get-LocalGroupvember: Impossible de comparer deux éléments dans le tableau.

Au caractere C:\Users\bedouta Downloads Utilisateur (Get-LocalGroupMesiber -Name Administrateurs'). Name

envoie utilisateur envoiellisteutilisateur.ps1:4 Out-File -FileP

: 2

: Not Specified: (:) [Get-LocalGroupMember], InvalidoperationException FullyQualifiedErrorId: Une erreur non spécifiée s'est produite.,Microsoft.PowerShell.Commands.GetLocalGroupMenti

CategoryInfo

Any idea !?

Note : this script work perfectly on my lap but not on others.
Thanks in advance

Maybe this:
Note

The Microsoft.PowerShell.LocalAccounts module is not available in 32-bit PowerShell on a 64-bit system.

From here:

@Houssemjo
Hello Hou,

Why don’t you use the invoke-command to run this script in your computer?
then retun all computernames and administrators member.

hi tony, actualy im using 64-bit PowerShell not 32-Bit

@Chen.Chen im still begginer with scripting, actualy im using a bat script to run my script, and i want to return all users on a computer not computernames !!

I just want to mention that a user does not have to be a member of the local administrators group. So you might use the wrong query for what you’re actually after. :wink:

@Olaf the porpuse of this script is to verify that the user has a local admin account so that’s why im looking for all the users that exist on the lap because there was other acount but admin on the domain but not localy.
like those one

Name
----
Local
FR-L3032727\"""admin_houssemeddine"""
FR-L3032727\Administrateur
FR-L3032727\Support
Domain 
GROUPINFRA\Domain Admins
GROUPINFRA\"""houssemeddine.benyou"""
GROUPINFRA\seba.durand
GROUPINFRA\T-Country-FR-PCAdministrators

but i dont know why the commande work on my lap but not on others.
Thanks in advance.

OK, I get it, but you mention it works for you and NOT others, are the others also using 64bit?

@tonyd yes tony all users use 64-Bit system and as administrators also.

I ran into this problem today.
One of the reasons it can occur is if you have an orphaned account in the group. i.e. a SID that cannot be resolved to a deleted AD account:

There are different methods of auditing the local groups, but each has some limitation, various techniques are discussed here:

However, in my testing today, I’ve found the most reliable way is
Invoke-Command -ComputerName {net localgroup Administrators}.

It’s a bit of a faff to parse out the unwanted text but easier than dealing with the limitations and errors being thrown by the other methods.

The proper way to achieve this would be to add a domain security group to the local administrators and add all needed domain users to this group. :wink:

1 Like

A agree with Olaf. It also sounds like you may be adding general users to the admin group? If that is the case, you should re-think that as it is definitely not a best practice.