Retrieve a list of local administrators using Powershell.

Although a large number of scripts are available already for this job, most of them do not include an option to enumerate a remote machine.

My script uses WMI, allows you to query remote machines and returns objects for future use.

Thanks to my colleague Jason for the inspiration and help with this script!

function get-localadministrators {
    param ([string]$computername=$env:computername)

    $computername = $computername.toupper()
    $ADMINS = get-wmiobject -computername $computername -query "select * from win32_groupuser where GroupComponent=""Win32_Group.Domain='$computername',Name='administrators'""" | % {$_.partcomponent}

    foreach ($ADMIN in $ADMINS) {
                $admin = $admin.replace("$computernamerootcimv2:Win32_UserAccount.Domain=","") # trims the results for a user
                $admin = $admin.replace("$computernamerootcimv2:Win32_Group.Domain=","") # trims the results for a group
                $admin = $admin.replace('",Name="',"")
                $admin = $admin.REPLACE("""","")#strips the last "

                $objOutput = New-Object PSObject -Property @{
                    Machinename = $computername
                    Fullname = ($admin)
                    DomainName  =$admin.split("")[0]
                    UserName = $admin.split("")[1]
                }#end object

    $objreport+=@($objoutput)
    }#end for

    return $objreport
}#end function

get-localadministrators

Related Posts

New Module: Creating an RDP file password with Pow... Here's something that is surprisingly tricky to automate in this day and age. Creating a password and storing it in an RDP file. I'm not here to debat...
Dealing with multi numbered versions in powershell... So here's a quick little blog about something i discovered in powershell while googling today. Lots of vendors like to use version numbers includin...
Accurately checking the Citrix PVS “cache in... Citrix Provisioning services "Cache in RAM, overflow to disk", even with it's challenges is something I've always felt was a great idea, hell, I fores...

24 Comments About “Retrieve a list of local administrators using Powershell.

  1. Nick

    Nevermind I figured it out! Also is there a way to go through each of the groups it finds and list whoever is in there?

    Reply
    1. Christopher Ranney

      Nick,

      Not sure if you need this, but I needed it – this script block works for me…

      $LocalGroups = gwmi win32_group|?{$_.domain -eq $env:computername}|select -ExpandProperty Name
      Foreach($localGroup in $LocalGroups)
      {
      “Members in the $localgroup :”
      $computer = [adsi](“WinNT://”+$env:COMPUTERNAME+”,computer”)
      #$computer.psbase.children.find(“$localGroup”)
      $group = $computer.psbase.children.find(“$localGroup”)
      $group.psbase.invoke(“Members”)|%{$_.gettype().InvokeMember(“Adspath”,’GetProperty’,$null, $_, $null)}
      “”

      }

      Everything I run is wrapped into a scriptblock and executed remotely, which is how I get away with using variables like $env:computername.

      Hope this helps.

      Reply
  2. Meridian

    How would I modify this to read a text file of predefined computer names into the function get-localadministrators?

    Reply
    1. Jim

      Script works fine against local computer, but adding
      get-content “c:pathfilename.txt” | % {get-localadministrators $_} for additional machines on a new line anywhere in the script results in errors.

      Reply
  3. Jim

    Im having problems getting this to read from a file with a list of computers. Im new to scripting so what do i need to put where inorder to do this. I would also like to get the output to a text file.
    Thanks

    Reply
  4. Andrew Morgan

    Hi Jim, try:

    Get-content “c:file.txt” | % {get-localadministrators -computername $_}

    To read from a text fie, if that works report back and ill tackle your second request.

    Reply
  5. David

    For some reason, the script only shows the users on the local machine, not the machine indicated by the -computername parameter.

    Any ideas?

    Reply
    1. akismet-7f1e5b87853339fcf4717a0bcfd0e4c1

      David, add the following line after the function:

      foreach($server in (gc .masterserver.txt)){get-localadministrators -computername $server}

      Change .masterserver.txt to the path of a text file that has a list of your servers one per line.

      Reply
      1. Terry

        I hate to ask this but I am an absolute beginner. Can you show exactly where to add this? I added it where what I thought was after the function but I get nothing but errors.

        Reply

Leave a Reply