PowerShell: Find a user or group is member of local Administrators group of a Remote computer


I wrote this script to scan all computers and find if specific Group is member of local administrators group or not. In a day, I found this specific group has local admin access to which computers.

You may modify or use as it is of the following PowerShell script if you need to find the local administrators group membership of a user or group.

<#
    PowerShell Ver 3 or above

    Script: Verify-LocalAdminMembership
    Parameter 1: Computer Name or IP Address
    Parameter 2: Which User or Group to check member of the local Administrators in give computer (param 1)

    Description: This script checks the given user or group is member of local administrators group of the
    given computer or not.

    Written by: Anand, the awesome, Venkatachalapathy

#>

Param ($CompName,$TargetObject)

<#
    Function: IsAdministrator
    Parameter: Computer name of IP Address
    Description: This function checks the membership of local administrators group. If the given
    $targetobject is member of local administrators group, it return True.
#>
function IsAdministrator($hostname)
{
    $objGroup = [ADSI](“WinNT://$hostname/Administrators”)
    $members = @($objGroup.psbase.Invoke(“Members”))

    $IsAdmin = $false
    $members | foreach { $member = $_.GetType().InvokeMember(“Name”, ‘GetProperty’, $null, $_, $null); if ($member.Equals($TargetObject)) { $IsAdmin = $true } }
   
    Return $IsAdmin
}

<#
    —- The Script Starts Here —-
#>
$ReturnValue = IsAdministrator -hostname $CompName

If ($ReturnValue)
{
    if (($CompName.ToCharArray() | Where-Object {$_ -eq ‘.’} | Measure-Object).Count -eq 3)
    {
        # $CompName contains a IP address, find the hostname from DNS
        $NameOftheHost = ([System.Net.Dns]::GetHostbyAddress(“$CompName”)).Hostname
    }
    else
    {
        $NameOftheHost = $CompName
    }
   
    “$NameOftheHost contains $member in local administrators group”
}

Advertisements

3 thoughts on “PowerShell: Find a user or group is member of local Administrators group of a Remote computer

  1. hi,

    could you tell me where I can set the specific Group name and could I set a computer.txt file who should search on each server the specific group?

    Thanks!

  2. getting this error:

    Exception calling “Invoke” with “2” argument(s): “Unknown error (0x80005000)”
    At line:10 char:18
    + $members = @($objGroup.psbase.Invoke(“Members”))
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s