
Windows PowerShell 2 Command To Capture Local User Accounts In A Group

I am limited to PowerShell 2 and I have been trying to craft a command that lists the local user accounts within a group such as Administrators. However, the crafted command also lists DC user accounts, and I do not want this. Is there a way to achieve this?

Crafted Command:

gwmi win32_group -filter 'Name="Administrators"'|%{$_.GetRelated('Win32_UserAccount')} | select Name

Why not just use the built-in OS tools from PowerShell and parse that output?

# Get all group names
net localgroup

# Get members of one group
net localgroup administrators


(net localgroup administrators) -replace 'The command completed successfully.|\-+' | Select-Object -Skip 4
# Results
<#
Administrator
...
#>

Old school is still a thing even from PowerShell.

As for your PowerShell v2 (no longer supported, unnecessary risk issues, etc.): firstly, really (if you have influence at all), you need to convince them to get off that.

;-}

Yet, with v2, do your command this way.

Full disclosure, I've not used v2 in years, so, had to re-enable it on one Win10 system to do this.

powershell -version 2.0 -nologo -noprofile

$PSVersionTable

# Results
<#
Name                           Value
----                           -----
CLRVersion                     2.0.50727.9151
BuildVersion                   6.1.7600.16385
PSVersion                      2.0
WSManStackVersion              2.0
PSCompatibleVersions           {1.0, 2.0}
SerializationVersion           1.1.0.1
PSRemotingProtocolVersion      2.1
#>


Get-wmiobject -Class Win32_OperatingSystem
# Results
<#
SystemDirectory : C:\WINDOWS\system32
Organization    :
BuildNumber     : 19042
RegisteredUser  : User001
SerialNumber    : 00330...
Version         : 10.0.19042
#>



Get-WmiObject win32_group -filter 'Name="Administrators"'
# Results
<#
Caption                      Domain        Name             SID
-------                       ------       ----             ---
w10labws001\Administrators   w10labws001   Administrators   S-1-5-...
#>


(Get-WmiObject win32_group -filter 'Name="Administrators"').GetRelated('Win32_UserAccount')
# Results
<#
AccountType : 512
Caption     : w10labws001\Administrator
Domain      : w10labws001
SID         : S-1-5-21...
FullName    :
Name        : Administrator

AccountType : 512
Caption     : w10labws001\User001
Domain      : w10labws001
SID         : S-1-5-21-...
FullName    :
Name        : User001
...
#>

Or

((Get-WmiObject win32_group -filter 'Name="Administrators"').GetRelated('Win32_UserAccount')).Name
# Results
<#
Administrator
...
#>

The above command works, as does your original one.

C:\>powershell -version 2.0 -nologo -noprofile
PS C:\> gwmi win32_group -filter 'Name="Administrators"'|%{$_.GetRelated('Win32_UserAccount')} | select Name
# Results
<#
Name
----
Administrator
...
#>

It just takes far longer to complete the job (results are shown, and then you have a very long pause before you can use the console/ISE again) than net localgroup and/or the way Santiago Squarzon is showing you.

Supposing you have access to the [adsi] type accelerator, this should give you the members of the local Administrators group:

$adsi=[adsi]"WinNT://$env:ComputerName,computer"
$adsi.psbase.children.find('Administrators').psbase.invoke('members')|
    %{
        $name=$_.GetType().InvokeMember('Name','GetProperty',$null,$_,$null)
        $class=$_.GetType().InvokeMember('Class','GetProperty',$null,$_,$null)
        $adspath=$_.GetType().InvokeMember('ADSPath','GetProperty',$null,$_,$null)
        $sid=New-Object System.Security.Principal.SecurityIdentifier -ArgumentList `
            ($_.GetType().invokeMember('objectsid','GetProperty',$null,$_,$null),0)

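        # New-Object PSObject works on PowerShell 2.0; the [pscustomobject] cast needs 3.0 or later
        New-Object PSObject -Property @{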
            ComputerName=$env:ComputerName
            Name=$name
            Class=$class
            Path=$adspath -replace 'WinNT://'
            SecurityIdentifier=$sid.Value
        }
    }|sort Class -Descending

One Line:

$adsi=[adsi]"WinNT://$env:ComputerName,computer";$adsi.psbase.children.find('Administrators').psbase.invoke('members')|%{$name=$_.GetType().InvokeMember('Name','GetProperty',$null,$_,$null);$class=$_.GetType().InvokeMember('Class','GetProperty',$null,$_,$null);$adspath=$_.GetType().InvokeMember('ADSPath','GetProperty',$null,$_,$null);$sid=New-Object System.Security.Principal.SecurityIdentifier -ArgumentList ($_.GetType().invokeMember('objectsid','GetProperty',$null,$_,$null),0);New-Object PSObject -Property @{ComputerName=$env:ComputerName;Name=$name;Class=$class;Path=$adspath -replace 'WinNT://';SecurityIdentifier=$sid.Value}}|sort Class -Descending
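
Added example (not part of the original question or answers): a PowerShell 2.0-compatible way to keep only the local user accounts, building on the [adsi] approach above. It assumes that a local member's WinNT path has the computer name as its second-to-last segment, while domain members and unresolved SIDs do not; the function names Test-LocalAdsPath and Get-LocalGroupLocalUser are hypothetical.

```powershell
# Added example; function names are hypothetical. Written for PowerShell 2.0.

function Test-LocalAdsPath {
    # Local member:  WinNT://<domain-or-workgroup>/<computer>/<name>
    # Domain member: WinNT://<domain>/<name>        (no computer segment)
    # Orphaned SID:  WinNT://S-1-5-21-...           (single segment)
    param(
        [string]$AdsPath,
        [string]$ComputerName = $env:COMPUTERNAME
    )
    $parts = @(($AdsPath -replace '^WinNT://', '').Split('/'))
    return ($parts.Count -ge 2 -and $parts[-2] -ieq $ComputerName)
}

function Get-LocalGroupLocalUser {
    # Returns only the members of a local group that are local user accounts.
    param([string]$GroupName = 'Administrators')

    $group = [adsi]"WinNT://$env:COMPUTERNAME/$GroupName,group"
    foreach ($member in @($group.psbase.Invoke('Members'))) {
        $type  = $member.GetType()
        $path  = $type.InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
        $class = $type.InvokeMember('Class',   'GetProperty', $null, $member, $null)

        # Skip nested groups, domain accounts and unresolved SIDs.
        if ($class -eq 'User' -and (Test-LocalAdsPath -AdsPath $path)) {
            New-Object PSObject -Property @{
                Name = $type.InvokeMember('Name', 'GetProperty', $null, $member, $null)
                Path = $path -replace '^WinNT://', ''
            }
        }
    }
}

# Constructed sample paths (not from a real host) to show the classification offline.
$samples = 'WinNT://CORP/PC01/Administrator',
           'WinNT://CORP/Domain Admins',
           'WinNT://S-1-5-21-1111-2222-3333-1105'
foreach ($s in $samples) {
    '{0} -> local: {1}' -f $s, (Test-LocalAdsPath -AdsPath $s -ComputerName 'PC01')
}

# Live query against the current machine.
Get-LocalGroupLocalUser -GroupName 'Administrators' | Select-Object Name, Path
```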
