Remko Weijnen's Blog (Remko's Blog)
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
A customer had partially implemented a (written) policy in the past where the the Local Administrator account was renamed according to a special convention.
This policy stated that the Administrator account needed to be renamed to admin with the computername as a prefix.
However they didn’t know exactly on which machines this policy had been applied to in the past. I was asked to write a script that would check a list of machine names, query the Administrator account name and write this in a new list.
The Administrator account has a Well Known SID of S-1-5-21-xxxxxxx-500 where xxxxxxx is the SID of the computer.
This makes this an easy task for PowerShell: we use the Win32_UserAccount WMI Class and filter this on ‘S-1-5-%-500’:
Here is the script:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | # Output Folder $fldr = "c:\Users\rweijnen\Projecten\Customer\scripts" # I am not in the domain so I am using explicit credentials that I saved to a file $password = Get-Content "$fldr\da-password.bin" | ConvertTo-SecureString $Credential = New-Object System.Management.Automation.PsCredential("da-weijnen", $password) # The Domain $Domain = "CONTOSO" # The function that does the actual work... function GetLocalAdmin([string]$Computer) { try { # Perform remote WMI Query using Domain Credentials, query is filtered $ColItems = Get-WmiObject -Class Win32_UserAccount -Authority "ntlmdomain:$Domain" -Namespace "root\cimv2" -ComputerName $Computer -Credential $credential -Filter "SID like 'S-1-5-%-500'" -ErrorAction:Stop $item | Add-Member -Type NoteProperty -Name "Error" -Value "None" return $ColItems.Name } catch [System.Exception] { $item | Add-Member -Type NoteProperty -Name "Error" -Value $_.Exception.Message return "Unknown" } } # Create array $collection = @() # Import CSV, ; seperated contains the following columns # Hostname;IP $csv = Import-Csv "$fldr\Wmi.csv" -Delimiter ";" [int]$i = 0 foreach ($entry in $csv) { $i++ $item = New-Object System.Object $item | Add-Member -Type NoteProperty -Name "Hostname" -Value $entry.Hostname $item | Add-Member -Type NoteProperty -Name "IP" -Value $entry.IP $item | Add-Member -Type NoteProperty -Name "AdminName" -Value (GetLocalAdmin $entry.Hostname) if ($item) {$collection += $item} $item } # Write new CSV $collection | Export-Csv "$fldr\AdminAccounts.csv" -Delimiter ";" |
Please consider donating something (even a small amount is ok) to support this site and my work:
Filed under: PowerShell
Profile
Top Posts
- Query Active Directory from Excel
- RNS 510 Startup Logo–My thoughts
- Adding a hidden Exchange mailbox to Outlook
- How rdp passwords are encrypted
- Get Actual CPU Clock Speed with PowerShell
- ClickOnce Applications in Enterprise Environments
- VW RNS 510 Navigation Startup Pictures
- Unattended Installation of IBM System i Access for Windows
- Reading physical memory size from the registry
- Show Client IP Address when using NetScaler as a Reverse Proxy
Recent Comments
Featured Downloads
- AClientFix (13595 downloads )
- AddPrinter2.zip (12854 downloads )
- AdProps (12379 downloads )
- AdSample1 (11432 downloads )
- AMD Radeon Crimson ReLive (24227 downloads )
- Atheros Driver (34019 downloads )
- AutoLogonXP 1.0 (11404 downloads )
- CDZA (9560 downloads )
- ChDrvLetter.zip (11217 downloads )
- ChDrvLetter.zip (14356 downloads )
Blogroll
- Andrew Morgan
- Arnout’s blog
- Assa’s Blog
- Barry Schiffer
- Delphi Praxis
- Ingmar Verheij
- Jedi Api Blog
- Jedi API Library
- Jeroen Tielen
- Kees Baggerman
Categories
- .NET (4)
- Active Directory (28)
- Altiris (36)
- App-V (1)
- Apple (5)
- Application Compatibility (11)
- Automotive (5)
- AWS (1)
- BootCamp (1)
- C# (6)
- C++ (2)
- Citrix (87)
- Delphi (61)
- Embedded (4)
- Exchange (16)
- General (71)
- iPhone (5)
- Java (8)
- Linux (1)
- Lync (2)
- NetScaler (1)
- Oracle (4)
- Other (1)
- Packaging (19)
- PowerShell (56)
- Programming (79)
- Quest (1)
- RES (7)
- script (22)
- ShareFile (1)
- SQL Server (10)
- Strange Error (3)
- Terminal Server (68)
- ThinApp (3)
- ThinKiosk (1)
- Ubuntu (1)
- Unattended Installation (19)
- Uncategorized (51)
- UWP (2)
- Vista (37)
- Visual Studio (1)
- VMWare (26)
- Windows 10 (2)
- Windows 2003 (30)
- Windows 2008 (37)
- Windows 2008 R2 (16)
- Windows 2012 (2)
- Windows 7 (30)
- Windows 8 (4)
- Windows Internals (12)
- Windows XP (16)
Archives
- February 2023 (1)
- October 2022 (3)
- July 2022 (1)
- June 2022 (2)
- October 2019 (1)
- March 2018 (1)
- January 2018 (4)
- December 2017 (3)
- April 2017 (1)
- March 2017 (5)
- February 2017 (4)
- May 2016 (3)
- March 2016 (1)
- October 2015 (2)
- September 2015 (1)
- January 2015 (1)
- August 2014 (1)
- July 2014 (8)
- May 2014 (1)
- November 2013 (1)
- October 2013 (2)
- September 2013 (3)
- August 2013 (4)
- June 2013 (2)
- May 2013 (3)
- April 2013 (5)
- March 2013 (5)
- February 2013 (1)
- January 2013 (5)
- December 2012 (9)
- November 2012 (3)
- October 2012 (3)
- August 2012 (4)
- July 2012 (2)
- June 2012 (1)
- May 2012 (6)
- March 2012 (13)
- February 2012 (12)
- January 2012 (9)
- December 2011 (9)
- November 2011 (4)
- October 2011 (5)
- September 2011 (10)
- August 2011 (10)
- July 2011 (2)
- June 2011 (8)
- May 2011 (12)
- April 2011 (4)
- March 2011 (14)
- February 2011 (8)
- January 2011 (32)
- December 2010 (23)
- November 2010 (19)
- October 2010 (10)
- September 2010 (6)
- August 2010 (1)
- July 2010 (1)
- June 2010 (6)
- March 2010 (7)
- February 2010 (3)
- December 2009 (3)
- November 2009 (11)
- September 2009 (2)
- July 2009 (1)
- June 2009 (5)
- May 2009 (1)
- April 2009 (2)
- March 2009 (3)
- February 2009 (6)
- January 2009 (3)
- December 2008 (8)
- November 2008 (5)
- October 2008 (3)
- September 2008 (3)
- August 2008 (3)
- June 2008 (6)
- May 2008 (2)
- April 2008 (3)
- March 2008 (5)
- January 2008 (3)
- December 2007 (3)
- November 2007 (13)
- October 2007 (10)
Leave a reply