How To Get Members of a Local Group with PowerShell
Every admin dreads audit and requests for members with privileged access. Some want screen shots, others use scripts and then there are those of us who like to tinker and use PowerShell for Windows.
What the result is a script that gets the members of the local Administrators group and export it to a file.
# Get members of local administrator group # getlocaladmins.ps1
$node = hostname
# Set the file save location $LogFileName = "c:\Support\Admin-"+ $node +".txt"
# Delete the old one if it exists del $LogFileName
# Write a header and separator to the file Out-File -FilePath $LogFileName -Encoding ASCII Add-Content -Path $LogFileName -Value "Computer: $node" -Encoding ASCII Add-Content -Path $LogFileName -Value "*****************************" -Encoding ASCII
# Set variables for the group and members $group =[ADSI]"WinNT://./Administrators" $members = @($group.psbase.Invoke("Members"))
# Get the members of the group and append it to our file $members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)} | Out-File -Append -FilePath $LogFileName -Encoding ASCII
Save and run the script and the resulting file looks like this:
Computer: win2008tst ***************************** Administrator Outbound Outbound1 Domain Admins
Now if we wanted to go further we could add this as a quarterly run scheduled tasks using schtasks command.
Leave a Reply