PowerShell - 列出所有计算机和哪些用户是管理员

时间:2015-10-13 14:24:23

标签: powershell active-directory

我正在尝试创建一个PowerShell脚本:

  • 查找域中的所有计算机
  • 查询每台计算机以确定管理员组中的组/用户
  • 列出每个用户/组/计算机
  • 列应为:Username,GroupName,ComputerName,DomainName

这是我到目前为止所处的位置,但我正在寻找一些帮助以一致的方式解析WMI结果,或者按

到目前为止,这是脚本:

$auditdir = "c:\temp\"
$tempfile = $auditdir + "computers.csv"

$computers = (Get-ADComputer -Filter *)

$Table = @()
$Record = @{
      "MachineName" = ""
      "GroupName" = ""
      "DomainName" = ""
      "Username" = ""
    }
Foreach ($computername in $computers){

    $computername = $computername.name
    $ADMINS = get-wmiobject -computername $computername -query "select * from win32_groupuser where GroupComponent=""Win32_Group.Domain='$computername',Name='administrators'""" | % {$_.partcomponent}

    foreach ($ADMIN in $ADMINS){

        Write-Host "Output current admin"
        $admin
        Write-Host "Clean up current admin"
        $admin = ($admin | Out-String)
        $admin = $admin -replace 'cimv2', '' -replace 'Win32','' -replace 'useraccount','' -replace 'root','' -replace $computername,'' -replace ',','' -replace "`n|`r" -replace $env:userdomain,'' -replace 'name','' -replace '=','' -replace ':','' -replace '_','' -replace '\\','' -replace '_','' -replace 'group','' -replace '""',''
        $admin.substring(8)
        $admin
        $admin = $admin | %{$_.split('"')[3]}
        $admin
        Write-Host "done with current admin"

        $Record."Machinename" = $computername
        $Record."Groupname" = $admin
        $Record."DomainName" = $env:USERDNSDOMAIN
        $Record."UserName" = $admin.split("")[1]

        $objRecord = New-Object PSObject -property $Record
        $Table += $objrecord    
    }
$Table | Export-Csv $tempfile -NoTypeInformation    
}

有人可以帮助我到达终点线吗?

更新1: 在Mathias的帮助下,我将WMI查询的结果转换为WMI类型,并且可以更轻松地访问项目。

$auditdir = "c:\temp\"
$tempfile = $auditdir + "computers.csv"

$computers = (Get-ADComputer -Filter *)

$Table = @()
$Record = @{
      "ComputerName" = ""
      "MemberName" = ""
      "DomainName" = ""
      "SID" = ""
    }
Foreach ($computername in $computers){

    $computername = $computername.name
    $ADMINS = get-wmiobject -computername $computername -query "select * from win32_groupuser where GroupComponent=""Win32_Group.Domain='$computername',Name='administrators'""" | % {$_.partcomponent}

    foreach ($ADMIN in $ADMINS){

        $admin = [WMI]$admin
        $admin

        $Record."ComputerName" = $computername
        $Record."MemberName" = $admin.name
        $Record."DomainName" = $env:USERDNSDOMAIN
        $Record."SID" = $admin.SID

        $objRecord = New-Object PSObject -property $Record
        $Table += $objrecord    
    }
$Table | Export-Csv $tempfile -NoTypeInformation    
}

我似乎遇到域管理员组的问题。它似乎无法转换为WMI然后解析。

错误是:

Cannot convert value "\\computername\root\cimv2:Win32_Group.Domain="domain",Name="Domain Admins"" to type
"System.Management.ManagementObject". Error: "Not found "
At C:\Users\f12admin\Desktop\computerlist.ps1:20 char:3
+         $admin = [WMI]$admin
+         ~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvalidCastToWMI

0 个答案:

没有答案
相关问题
最新问题