Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Powershell Script - Get-LocalUsers - Remotely query all local users and details
#Requires -Version 2
Function Get-LocalUsers{
<#
.SYNOPSIS
Remotely pulls local users and some properties
.DESCRIPTION
Uses the [ADSI] object type to remotely connect to SAM to query user objects for group membership, password expiration,etc
.PARAMETER ComputerName
Specifies one or more server names.
.EXAMPLE
Get-Content .\serverlist.txt | Get-LocalUsers | Export-Csv .\report.csv
Gets all local users on every server in the list txt and outputs it to a report CSV file.
.LINK
http://www.bryanvine.com/2015/08/powershell-script-get-localusers.html
.NOTES
Author: Bryan Vine
Last updated: 8/19/2015
#>
[CmdletBinding()]
Param(
[Parameter(Mandatory=$true,valuefrompipeline=$true,Position=0)]
[alias("CN","MachineName","ServerName","Server")][ValidateNotNullOrEmpty()][string[]]
$ComputerName
)
BEGIN{
$allServers = @()
}
PROCESS{
$allServers += $ComputerName
}
END{
foreach($comp in $allServers){
try{
([ADSI]"WinNT://$comp").Children | ?{$_.SchemaClassName -eq 'user'} | %{
$groups = $_.Groups() | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
$_ | Select @{n='Server';e={$comp}},
@{n='UserName';e={$_.Name}},
@{n='Active';e={if(($_.userflags.value -band 2) -eq 2){$true} else{$false}}},
@{n='PasswordExpired';e={if($_.PasswordExpired){$true} else{$false}}},
@{n='PasswordNeverExpires';e={if(($_.userflags.value -band 65536) -eq 65536){$true} else{$false}}},
@{n='PasswordAgeDays';e={[math]::Round($_.PasswordAge[0]/86400,0)}},
@{n='LastLogin';e={$_.LastLogin}},
@{n='Groups';e={$groups -join ';'}},
@{n='Description';e={$_.Description}},
@{n='UserFlags';e={$_.userflags}}
}
}
catch{
Write-Warning "Failed to query users on $Comp"
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.