Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
How to get the local Administrators group members using PowerShell?
To get the local Administrators group members using PowerShell, you need to use the GetLocalGroupMember command. This command is available in PowerShell version 5.1 onwards and the module for it is Microsoft.PowerShell.LocalAccounts. This module is not available in the 32-bit PowerShell version but on a 64-bit system.
In the below example, we need to retrieve the Local Administrators group members,
Example
Get-LocalGroupMember -Group "Administrators"
Output
ObjectClass Name PrincipalSource ----------- ---- --------------- User LABDOMAIN\delta Group LABDOMAIN\Domain Admins User TEST1-WIN2K12\Administrator User TEST1-WIN2K12\LocalAdmin
Name Property shows the members of the local administrator groups. To retrieve the local Administrators group members from the remote servers, we need to use the Invoke-Command method.
Example
Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{Get-LocalGroupMember -
Name 'Administrators'}Output
ObjectClass Name PrincipalSource PSComputerName ----------- ---- --------------- -------------- User LABDOMAIN\Delta ActiveDirectory Test1-Win2k16 Group LABDOMAIN\Domain Admins ActiveDirectory Test1-Win2k16 User TEST1-WIN2K16\Administrator Local Test1-Win2k16 User TEST1-WIN2K16\LocalAdmin Local Test1-Win2k16 User TEST1-WIN2K16\Localuser Local Test1-Win2k16
You can also filter the specific user as shown below.
Example
Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{Get-LocalGroupMember -
Name 'Administrators' | where{$_.Name -like "*Alpha*"}}Output
ObjectClass Name PrincipalSource PSComputerName ----------- ---- --------------- -------------- User LABDOMAIN\alpha ActiveDirectory Test1-Win2k16
In the earlier PowerShell version, this command wasn’t supported. You can also retrieve the output using cmd.
Example
net localgroup administrators
Output
Alias name administrators Comment Administrators have complete and unrestricted access to the comput er/domain Members ------------------------------------------------------------------------------- Administrator Delta Domain Admins Enterprise Admins The command completed successfully.
To get only the members, we will store the output in the variable and operate.
Example
$members = net localgroup administrators $members[6..($members.Length-3)]
Output
Administrator Delta Domain Admins Enterprise Admins
To run this command on the remote computer,
Example
Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{
$members = Invoke-Expression -command "Net Localgroup Administrators"
$members[6..($members.Length-3)]
}Output
Administrator LABDOMAIN\Delta LABDOMAIN\Domain Admins LocalAdmin
Similarly, you can use any local group name instead of the Administrators group.
34K+ Views
