PoshCode Logo PowerShell Code Repository

List All Local Admins by AlphaSun 12 months ago (modification of post by AlphaSun view diff)
View followups from AlphaSun | diff | embed code: <script type="text/javascript" src="http://PoshCode.org/embed/6289"></script>download | new post

This script will list the local administrators of all accessible PCs on a network, save the results to an Excel spreadsheet (via Excel COM objects, so a local installation of Excel is required), and email the log file to an array of recipients. Also included in the results are the IP address and Serial number of the PC. Lines to be customized are highlighted.

  1. Import-Module ActiveDirectory
  2.  
  3. # Folder to save result file to
  4.  $SaveTo = "\\server\share\folder"
  5. $BaseFilename = "Local Admin Group Members.xlsx"
  6.         # The current date and time will be prepended to the BaseFilename
  7.  
  8. # Exchange settings
  9. $SMTP = "Exch-Srvr"
  10. $Recipients = @("Someone@anywhere.com", "SomeoneElse@anywhere.com", "Nobody@anywhere.com", "Anonymouse@somewhere-else.com")
  11. $Sender = "DeadPool@chimichanga.com"
  12.  
  13. # Create a new Excel object using COM
  14. $Excel = New-Object -ComObject Excel.Application
  15. $Excel.visible = $False
  16.  
  17. # Counter variable for rows
  18. $i = 1
  19.  
  20. # WMI Class variables
  21. $WMI_CSP = "Win32_ComputerSystemProduct"
  22.  
  23. # Set up a directory search for all computer objects in the current domain
  24. # Exclude several Organizational Units from the search scope
  25. $ExcludeOUs=([adsisearcher]'(&(objectCategory=Organizationalunit)(!ou=Domain Controllers)(!ou=Servers))').FindAll()
  26. foreach($ou in $ExcludeOUs)
  27. {
  28.         $searcher=[adsisearcher]'(&(objectCategory=computer))'
  29.         $searcher.searchScope="Subtree"
  30.         $searcher.searchRoot=$ou.Path
  31.         $Results = $searcher.FindAll()
  32.  
  33. # Create spreadsheet
  34. $intRow = 1
  35.  
  36. $Excel = $Excel.Workbooks.Add()
  37. $Sheet = $Excel.Worksheets.Item(1)
  38.  
  39. # Create column headers
  40. $Sheet.Cells.Item($intRow,1)  = "Hostname"
  41. $Sheet.Cells.Item($intRow,1).Font.Bold = $True
  42. $Sheet.Cells.Item($intRow,1).HorizontalAlignment = -4108
  43. $Sheet.Columns.Item('a').ColumnWidth = 14
  44.  
  45. $Sheet.Cells.Item($intRow,2)  = "IP Address"
  46. $Sheet.Cells.Item($intRow,2).Font.Bold = $True
  47. $Sheet.Cells.Item($intRow,2).HorizontalAlignment = -4108
  48. $Sheet.Columns.Item('b').ColumnWidth = 11
  49.  
  50. $Sheet.Cells.Item($intRow,3) = "Serial Number"
  51. $Sheet.Cells.Item($intRow,3).Font.Bold = $True
  52. $Sheet.Cells.Item($intRow,3).HorizontalAlignment = -4108
  53. $Sheet.Columns.Item('c').ColumnWidth = 16
  54.  
  55. $Sheet.Cells.Item($intRow,4) = "Local Administrators"
  56. $Sheet.Cells.Item($intRow,4).Font.Bold = $True
  57. $Sheet.Cells.Item($intRow,4).HorizontalAlignment = -4108
  58. $Sheet.Columns.Item('d').ColumnWidth = 50
  59.  
  60. # Parse the search results
  61. foreach ($objResult in $Results)        {
  62.         $intRow++
  63.  
  64.         $objComputer = $objResult.Properties
  65.         [string]$computer = $objComputer.name
  66.         Write-Host -ForegroundColor White "     Pinging $computer..."
  67.         $pingStatus = Get-WMIObject Win32_PingStatus -Filter "Address = '$computer'"
  68.         $ipAddress = $pingStatus.ProtocolAddress
  69.         if($pingStatus.StatusCode -eq 0)        {
  70.                 $Serial = Get-WMIObject $WMI_CSP -ComputerName $computer  |  Select IdentifyingNumber
  71.                 $_Serial = $Serial.IdentifyingNumber
  72.  
  73.                 $members =[ADSI]"WinNT://$Computer/Administrators"
  74.                 $members = @($members.psbase.Invoke("Members"))
  75.                 $_Members = $members | ?{$_ -notlike "administrator" -and $_ -notlike "Domain Admins"} | foreach {
  76.                         $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null), ", "
  77.                 } | ?{$_ -notlike "administrator" -and $_ -notlike "Domain Admins"}
  78.  
  79.  
  80.                 # Output Minimal information to Console & Complete information to XLS file (Successful Ping)
  81.                 Write-Host -ForegroundColor Green "Reply received from $computer ($ipAddress)"
  82.                 Write-Host ""
  83.                 $Sheet.Cells.Item($intRow, 1)   = $computer
  84.                 $Sheet.Cells.Item($intRow, 2)   = $ipAddress
  85.                 $Sheet.Cells.Item($intRow, 3)   = $_Serial
  86.                 $Sheet.Cells.Item($intRow, 4)   = "$_Members"
  87.  
  88.         }
  89.         else    {
  90.                 # Output Minimal information to Console & Minimal information to XLS file (Unsuccessful Ping)
  91.                 Write-Host -ForegroundColor Red "No Reply received from $computer ....................[SKIPPED]"
  92.                 Write-Host ""
  93.  
  94.  
  95.                 $Sheet.Cells.Item($intRow, 1)   = $computer
  96.                 $Sheet.Cells.Item($intRow, 2)   = "HOST NOT ONLINE"
  97.  
  98.                 $Sheet.Cells.Item($intRow, 3)   = "---"
  99.                 $Sheet.Cells.Item($intRow, 3).HorizontalAlignment = -4108
  100.                
  101.                 $Sheet.Cells.Item($intRow, 4)   = "---"
  102.                 $Sheet.Cells.Item($intRow, 4).HorizontalAlignment = -4108
  103.         }
  104. }
  105. }
  106.  
  107. # Resize columns based on data size
  108. $Sheet.UsedRange.EntireColumn.AutoFit()
  109.  
  110. # Save and close the spreadsheet. Name with the date and time.
  111. $Date = Get-Date -UFormat "%Y%m%d"
  112. $DateTime = Get-Date -UFormat "%Y%m%d.%H%M"
  113. $Excel.SaveAs("$SaveTo\$DateTime $BaseFilename")
  114. $Excel.Close()
  115.  
  116. # Send file to static recipients list.
  117. Send-MailMessage -From $Sender -To $Recipients -Subject "$Date - Local Admin Accounts" -Attachments "$SaveTo\$DateTime $BaseFilename" -SMTP "$SMTP" -Body "The attached report ($DateTime $BaseFilename) lists the accounts that have local administrator access. This file has also been saved to:  $SaveTo\$DateTime $BaseFilename"
  118.  
  119. Clear

Submit a correction or amendment below (
click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting:


Remember me