List local group members on a remote computer using WMI and PowerShell

Posted by Ben Baird on August 12, 2011 Leave a comment (0) Go to comments

Today I needed to sort through the computers on a domain and check the machines’ local Administrators group for non-standard entries. I found quite a few examples of listing local group members using ADSI, but I tend to avoid ADSI when possible, as its use has been falling out of favor for some time.

That meant using WMI — but the only WMI-based examples I found were written in VBScript. So I made a quick and dirty function that would do what I needed:

function Get-LocalGroupMembers 
{ 
    param( 
        [parameter(Mandatory=$true,ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)] 
        [Alias("Name")] 
        [string]$ComputerName, 
        [string]$GroupName = "Administrators" 
    ) 
 
    begin {} 
 
    process 
    { 
        # If the account name of the computer object was passed in, it will 
        # end with a $. Get rid of it so it doesn't screw up the WMI query. 
        $ComputerName = $ComputerName.Replace("`$", '') 
 
        # Initialize an array to hold the results of our query. 
        $arr = @() 
 
        $wmi = Get-WmiObject -ComputerName $ComputerName -Query ` 
            "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$ComputerName',Name='$GroupName'`"" 
 
        # Parse out the username from each result and append it to the array. 
        if ($wmi -ne $null) 
        { 
            foreach ($item in $wmi) 
            { 
                $arr += ($item.PartComponent.Substring($item.PartComponent.IndexOf(',') + 1).Replace('Name=', '').Replace("`"", '')) 
            } 
        } 
 
        $hash = @{ComputerName=$ComputerName;Members=$arr} 
        return $hash 
    } 
 
    end{} 
}

This function turns out to be a cinch to use with my favorite Active Directory tools from Quest:

$AdminList = Get-QADComputer -SizeLimit 0 | Get-LocalGroupMembers -GroupName "Administrators"

Output resembles something like this in the console, but you can do any number of things with the data to format it and send it to a CSV or text file:

ComputerName                   PRINT-TST1
Members                        {NTAdmin, ServerLocalAdmin_DL_IA_F, DesktopServerLocalAdmin_DL_IA_F}
ComputerName                   CTX105
Members                        {NTAdmin, ServerLocalAdmin_DL_IA_F, DesktopServerLocalAdmin_DL_IA_F}
ComputerName                   CTX106
Members                        {NTAdmin, ServerLocalAdmin_DL_IA_F, DesktopServerLocalAdmin_DL_IA_F}
ComputerName                   CTX107
Members                        {NTAdmin, ServerLocalAdmin_DL_IA_F, DesktopServerLocalAdmin_DL_IA_F}
PowerShell, Scripting,

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">