search
top

How To Get Members of a Local Group with PowerShell

Every admin dreads audit and requests for members with privileged access. Some want screen shots, others use scripts and then there are those of us who like to tinker and use PowerShell for Windows.

What the result is a script that gets the members of the local Administrators group and export it to a file.

 

# Get members of local administrator group
# getlocaladmins.ps1
$node = hostname
# Set the file save location
$LogFileName = "c:\Support\Admin-"+ $node +".txt"
# Delete the old one if it exists
del $LogFileName
# Write a header and separator to the file
Out-File -FilePath $LogFileName -Encoding ASCII
Add-Content -Path $LogFileName -Value "Computer: $node" -Encoding ASCII
Add-Content -Path $LogFileName -Value "*****************************" -Encoding ASCII
# Set variables for the group and members
$group =[ADSI]"WinNT://./Administrators"
$members = @($group.psbase.Invoke("Members"))
# Get the members of the group and append it to our file
$members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)} | Out-File -Append -FilePath $LogFileName -Encoding ASCII

Save and run the script and the resulting file looks like this:

 Computer: win2008tst
*****************************
Administrator
Outbound
Outbound1
Domain Admins

Now if we wanted to go further we could add this as a quarterly run  scheduled tasks using schtasks command.

Leave a Reply

Your email address will not be published. Required fields are marked *

top