excel - Audit local accounts status, name, fullname, group membership & description -
i need export result column-based excel file or comma separated file (csv) able process result in sql server 2008 r2.
i in need local user account's names, full names, group membership , description.
i have been googling quiet bit , found out status in way using adsi, presented in following modified script:
clear get-content "c:\scripts\servers.txt" | foreach-object { $comp = $_ if (test-connection -computername $comp -count 1 -quiet) { ([adsi]"winnt://$comp").children | ? {$_.schemaclassname -eq 'user'} | % { $groups = $_.groups() | % {$_.gettype().invokemember("name", 'getproperty', $null, $_, $null)} $_ | select @{n='användarnamn:';e={$_.name}}, @{n='fullständigt namn:';e={$_.fullname}}, @{n='senast använt:';e={$_.lastlogin}}, @{n='tillhör grupp(er):';e={$groups -join ';'}}, @{n='beskrivning:';e={$_.description}} } } else { write-warning "server '$comp' unreachable hence not fetch data" } } | export-csv -notypeinformation -encoding utf8 -delimiter ";" -path "c:\scripts\localusers.csv"
[source]
i aware script built query several servers in servers.txt
document, of have "localhost" entered in there. however, keeping in case of need in future.
however, when got adsi value of getting account status of "disabled" or "active" hit wall. seems output value in way surprises me bit.
however, after googling , finding out may or may not able converting bitwise-something, started looking @ get-wmiobject
command in powershell combine "disabled" get-wmiobject
value above adsi command, script below.
get-wmiobject -class win32_useraccount -filter "localaccount='true'" | select name, fullname, disabled, lockout, passwordrequired, passwordchangeable | export-csv -notypeinformation -encoding utf8 -delimiter "," -path "c:\scripts\accountdisabled.csv"
however, unsure how combine result (or solve adsi convert value) gets same column-based excel file or csv file.
you can use function translate user flags readable values: way don't need use wmi @ all, , [adsi]
function convert-userflag { param ($userflag) $list = new-object system.collections.arraylist switch ($userflag) { ($userflag -bor 0x0001) {[void]$list.add('script')} ($userflag -bor 0x0002) {[void]$list.add('accountdisable')} ($userflag -bor 0x0008) {[void]$list.add('homedir_required')} ($userflag -bor 0x0010) {[void]$list.add('lockout')} ($userflag -bor 0x0020) {[void]$list.add('passwd_notreqd')} ($userflag -bor 0x0040) {[void]$list.add('passwd_cant_change')} ($userflag -bor 0x0080) {[void]$list.add('encrypted_text_pwd_allowed')} ($userflag -bor 0x0100) {[void]$list.add('temp_duplicate_account')} ($userflag -bor 0x0200) {[void]$list.add('normal_account')} ($userflag -bor 0x0800) {[void]$list.add('interdomain_trust_account')} ($userflag -bor 0x1000) {[void]$list.add('workstation_trust_account')} ($userflag -bor 0x2000) {[void]$list.add('server_trust_account')} ($userflag -bor 0x10000) {[void]$list.add('dont_expire_password')} ($userflag -bor 0x20000) {[void]$list.add('mns_logon_account')} ($userflag -bor 0x40000) {[void]$list.add('smartcard_required')} ($userflag -bor 0x80000) {[void]$list.add('trusted_for_delegation')} ($userflag -bor 0x100000) {[void]$list.add('not_delegated')} ($userflag -bor 0x200000) {[void]$list.add('use_des_key_only')} ($userflag -bor 0x400000) {[void]$list.add('dont_req_preauth')} ($userflag -bor 0x800000) {[void]$list.add('password_expired')} ($userflag -bor 0x1000000) {[void]$list.add('trusted_to_auth_for_delegation')} ($userflag -bor 0x04000000) {[void]$list.add('partial_secrets_account')} } $list -join ', ' }
then update script section, using function user flags, this:
([adsi]"winnt://$comp").children | ? {$_.schemaclassname -eq 'user'} | % { $groups = $_.groups() | % {$_.gettype().invokemember("name", 'getproperty', $null, $_, $null)} $_ | select @{n='användarnamn:';e={$_.name}}, @{n='fullständigt namn:';e={$_.fullname}}, @{n='senast använt:';e={$_.lastlogin}}, @{n='tillhör grupp(er):';e={$groups -join ';'}}, @{n='beskrivning:';e={$_.description}}, @{n='status:';e={convert-userflag $_.userflags.value}} }
Comments
Post a Comment