14 February 2015

Home » » List all Local Administrators on a Computer

List all Local Administrators on a Computer

  Saturday, February 14, 2015    No comments
I wrote this script to generate a list of local administrators on a PC. It saves the output to a text file at a central repository. The text file is named the computer name and contains a listing of all the local administrators. It can be pushed out to run as a package in SCCM. The second script will read all of the text files and create a csv file with all of the combined data.

You can download the script below:



 <#  
 .SYNOPSIS  
   Get a list of local administrators on a machine  
 .DESCRIPTION  
   Get a list of local administrators on a machine and write the list to  
   a csv file on a remote share.  
 .Author  
   Mick Pletcher  
 .Date  
   14 February 2015  
 .EXAMPLE  
   powershell.exe -executionpolicy bypass -file LocalAdministrators.ps1  
 #>  
   
 cls  
 $LocalAdmins = @()  
 $Members = net localgroup administrators | where {$_ -AND $_ -notmatch "command completed successfully"} | select -skip 4  
 $Profiles = Get-ChildItem -Path $env:SystemDrive"\users" -Force  
 $LogFile = "\\NetworkLocation\"+$env:COMPUTERNAME+".log"  
   
 Foreach ($Member in $Members) {  
      $Member = $Member.Split("\")  
      If ($Member.Count -gt 1) {  
           [string]$Member = $Member[1]  
           If (($Member -ne "Domain Admins") -and ($Member -ne "Workstation Admins")) {  
                Foreach ($Prof in $Profiles) {  
                     If ($Member -eq $Prof) {  
                          $LocalAdmins += $Member  
                     }  
                }  
           }  
      }  
      Remove-Variable -Name Member  
 }  
 If ((Test-Path $LogFile) -eq $true) {  
      Remove-Item -Path $LogFile -Force  
 }  
 If ((Test-Path $LogFile) -eq $false) {  
      New-Item -Path $LogFile -ItemType File -Force  
 }  
 If ($LocalAdmins.Count -gt 0) {  
      Foreach ($LocalAdmin in $LocalAdmins) {  
           Add-Content -Path $LogFile -Value $LocalAdmin -Force  
      }  
 }  
   



 <#  
 .SYNOPSIS  
   Create Local Administrators Report  
 .DESCRIPTION  
   This will read all .log files and consolidate them into a master   
   .csv file with the computer name and list of local admins for  
   each computer  
 .Author  
   Mick Pletcher  
 .Date  
   14 February 2015  
 .EXAMPLE  
   powershell.exe -executionpolicy bypass -file LocalAdministratorsReport.ps1  
 #>  
   
 $MasterLog = "\\NetworkLocation\LocalAdministrators.csv"  
 $Files = Get-ChildItem -Path \\NetworkLocation -Force  
 If ((Test-Path $MasterLog) -eq $true) {  
      Remove-Item -Path $MasterLog -Force  
 }  
 If ((Test-Path $MasterLog) -eq $false) {  
      $TitleBar = "ComputerName,UserName"+[char]13  
      New-Item -Path $MasterLog -ItemType File -Value $TitleBar -Force  
 }  
 Foreach ($File in $Files) {  
      If ($File.Extension -eq ".log") {  
           $Usernames = Get-Content -Path $File.FullName  
           Foreach ($Username in $Usernames) {  
                $Entry = $File.BaseName+","+$Username  
                Add-Content -Path $MasterLog -Value $Entry -Force  
           }  
      }  
 }

0 comments:

Post a Comment