API tools faq
paste
Advertisement
bwood42

POSH Pull Local Admin Members and AD Nested Groups

bwood42
Jun 30th, 2014
75
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.03 KB | None | 0 0
raw download clone embed print report
  1. ###########################################################################
  2. #
  3. # NAME: Find All Local Admin users in Nested Groups
  4. #
  5. # AUTHOR: Inquisitor_ForHire
  6. #
  7. # COMMENT: Not really intended to share, but I tried to clean it up...
  8. #
  9. # VERSION HISTORY:
  10. # 1.0 6/16/2014 - Initial release
  11. #
  12. ###########################################################################
  13.  
  14. ## Things you need to change...
  15. ## Line 23 - the $target variable but only if doing a single server...
  16. ## Line 27 - $outfile variable to tell where you want to save the file
  17. ## In Function Get-Groupdata, change the "DOM1, DOM2, DOM3, DOM4, and DOM5 references to the SHORTNAME of the domains you want to check.
  18. ## Also change the corresponding -service argument of each command to map to a specific domain controller in each of those domains.
  19. ## Uncomment Line 92 and 93 depending on if doing a single server, or pulling from AD. Change line 92 as needed to work in your environment...
  20. ## If doing a pull from AD, uncomment line 219
  21.  
  22.  
  23. $target = "Servername"
  24.  
  25.  
  26. $date = Get-Date -Format MMddyyyy
  27. $outfile = "E:\scripts\output\ADMIN_"+$target+"_$date.csv"
  28.  
  29.  
  30. ## this is the function that goes and grabs the local admin members
  31. function get-localadministrators {
  32. param ([string]$computername=$env:computername)
  33.  
  34. $computername = $computername.toupper()
  35. $ADMINS = get-wmiobject -computername $computername -query "select * from win32_groupuser where GroupComponent=""Win32_Group.Domain='$computername',Name='administrators'""" | % {$_.partcomponent}
  36.  
  37. foreach ($ADMIN in $ADMINS) {
  38. $admin = $admin.replace("\\$computername\root\cimv2:Win32_UserAccount.Domain=","") # trims the results for a user
  39. $admin = $admin.replace("\\$computername\root\cimv2:Win32_Group.Domain=","") # trims the results for a group
  40. $admin = $admin.replace('",Name="',"\")
  41. $admin = $admin.REPLACE("""","")#strips the last "
  42.  
  43. $objOutput = New-Object PSObject -Property @{
  44. Machinename = $computername
  45. Fullname = ($admin)
  46. DomainName =$admin.split("\")[0]
  47. UserName = $admin.split("\")[1]
  48. }#end object
  49.  
  50. $objreport+=@($objoutput)
  51. }#end for
  52.  
  53. return $objreport
  54. }#end function
  55.  
  56.  
  57. function Get-Groupdata {
  58. param ([string]$groupname= "Administrators")
  59.  
  60.  
  61. IF ($groupname -like "DOM1*"){
  62. $DOMresults = Get-QADGroupMember $groupname -service 'DC001.eu.contoso.com' -Verbose
  63. $DOMresults
  64. }
  65. ELSEIF ($groupname -like "DOM2*"){
  66. $DOMresults = Get-QADGroupMember $groupname -service 'DC001.na.contoso.com' -Verbose
  67. $DOMresults
  68. }
  69. ELSEIF ($groupname -like "DOM3*"){
  70. $DOMresults = Get-QADGroupMember $groupname -service 'DC001.ap.contoso.com' -Verbose
  71. $DOMresults
  72. }
  73. ELSEIF ($groupname -like "DOM4*"){
  74. $DOMresults = Get-QADGroupMember $groupname -service 'DC001.la.contoso.com' -Verbose
  75. $DOMresults
  76. }
  77. ELSEIF ($groupname -like "DOM5*"){
  78. $DOMresults = Get-QADGroupMember $groupname -service 'DC001.other.contoso.com' -Verbose
  79. $DOMresults
  80. }
  81. ELSE {
  82. Write-Output "Skipping $groupname"
  83. }
  84.  
  85. }## End Function Get-Groupdata
  86.  
  87.  
  88.  
  89. #####
  90. #### uncomment the $serverlist of your choice.... depending on if you're targeting one server or need to pull a list from AD.
  91. #####
  92. ## Grab our list of servers to process from AD... be all inclusive.
  93. #$serverlist = Get-ADComputer -Filter {OperatingSystem -like "*server*"} -SearchBase "OU=US,DC=na,DC=CONTOSO,DC=COM" -Server 'DC001.na.contoso.com'
  94. $serverlist = Get-QADComputer $target
  95.  
  96. ## Throwaway variable that's only used at the "top level"
  97. $Admingroup = "LOCAL\Administrators"
  98.  
  99. ## What to say when we can't process a machine
  100. $failed = "Lookup Failed"
  101.  
  102. Foreach ($Computer in $serverlist)
  103. {
  104.  
  105. #region ## L1 Processing
  106. ## Reset the $localadmusers because I don't trust instancing...
  107. $localADMusers = $null
  108. ## Go get the members of the Local Admin Group on the remote Computer
  109. $localADMusers = (get-localadministrators $Computer.name)
  110.  
  111. ## If the $localadmusers is empty, then we failed to contact the computer in question.
  112. IF ($localADMusers -eq $null){
  113. $comp = $Computer.name
  114. $oops = "$comp,$failed"
  115. $oops | Out-File $outfile -Append
  116. Write-Output $oops
  117. } ## End IF Statement
  118.  
  119.  
  120. ## If it's not empty, list out the LOCALADMUSERS and dump them to the CSV File.
  121. ELSE{
  122. ## Process LocalADMUsers
  123. $L1Members = $null
  124. $L1Members = $localADMusers
  125. $L1Members | Select MachineName, @{Name = "GroupName";Expression={$Admingroup}}, Username, FullName, DomainName | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  126. } ## End Else Statement
  127.  
  128. #endregion ## L1 Processing
  129.  
  130.  
  131.  
  132. #Region ## L2 Processing
  133. ## Level 2 Processing
  134. Foreach ($L1 in $L1Members)
  135. {
  136. $L2Members = $null
  137. $L2Members = Get-Groupdata $L1.Fullname
  138. $L2Members | Select SamAccountName, Domain | FL
  139. $L2Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L1.username}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  140.  
  141. ## Level 3 Processing
  142. Foreach ($L2 in $L2Members)
  143. {
  144. $L3Members = $null
  145. $L3Members = Get-Groupdata $L2.NTAccountname
  146. $L3Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  147. $L3Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L2.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  148.  
  149. ## Level 4 Processing
  150. Foreach ($L3 in $L3Members)
  151. {
  152. $L4Members = $null
  153. $L4Members = Get-Groupdata $L3.NTAccountname
  154. $L4Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  155. $L4Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L3.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  156.  
  157. ## Level 5 Processing
  158. Foreach ($L4 in $L4Members)
  159. {
  160. $L5Members = $null
  161. $L5Members = Get-Groupdata $L4.NTAccountname
  162. $L5Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  163. $L5Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L4.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  164.  
  165. ##Level 6 Processing
  166. Foreach ($L5 in $L5Members)
  167. {
  168. $L6Members = $null
  169. $L6Members = Get-Groupdata $L5.NTAccountname
  170. $L6Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  171. $L6Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L5.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  172.  
  173. ##Level 7 Processing
  174. Foreach ($L6 in $L6Members)
  175. {
  176. $L7Members = $null
  177. $L7Members = Get-Groupdata $L6.NTAccountname
  178. $L7Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  179. $L7Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L6.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  180.  
  181. ##Level 8 Processing
  182. Foreach ($L7 in $L7Members)
  183. {
  184. $L8Members = $null
  185. $L8Members = Get-Groupdata $L7.NTAccountname
  186. $L8Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  187. $L8Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L7.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  188.  
  189. ##Level 9 Processing
  190. Foreach ($L8 in $L8Members)
  191. {
  192. $L9Members = $null
  193. $L9Members = Get-Groupdata $L8.NTAccountname
  194. $L9Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  195. $L9Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L8.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  196.  
  197. ##Level 10 Processing
  198. Foreach ($L9 in $L9Members)
  199. {
  200. $L10Members = $null
  201. $L10Members = Get-Groupdata $L9.NTAccountname
  202. $L10Members | Select SamAccountName, Domain, Username, NTAccountname | FL
  203. $L10Members | Select @{Name = "MachineName";Expression={$Computer.name}}, @{Name = "GroupName";Expression={$L9.name}}, SamAccountname, NTAccountName, Domain, Name | ConvertTo-Csv | Select -Skip 2 | Out-File $outfile -Append
  204.  
  205.  
  206. } ## End Foreach $L9 in $L9Members
  207. } ## End Foreach $L8 in $L8Members
  208. } ## End Foreach $L7 in $L7Members
  209. } ## End Foreach $L6 in $L6Members
  210. } ## End Foreach $L5 in $L5Members
  211. } ## End Foreach $L4 in $L4Members
  212. } ## End Foreach $L3 in $L3Members
  213. } ## End Foreach $L2 in $L2Members
  214. } ## End Foreach $L1 in $L1Members
  215. #endregion ## All Level Processing
  216.  
  217.  
  218.  
  219. }## End FOREACH $Computer in $serverlist
  220.  
  221.  
  222. ## Wrap it up and add Headers to the data...
  223. $final = Import-Csv $outfile -Header "MachineName", "SourceGroupName", "Username", "FullName", "DomainName", "FriendlyName"
  224.  
  225. $final | Export-Csv $outfile -NoTypeInformation
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!