
понедељак, 12. септембар 2016.

Provera korisnika u lokalnoj grupi

Evo jos jedne skripte, tj. funkcije, koja na lokalnom ili udaljenom racunaru proverava sve korisnike u odredjenoj lokalnoj grupi i pravi listu.

1. citajuci ADSI proverava sve korisnike u grupi
2. za svakog lokalnog korisnika proverava opet ADSI i cita vrednosti
3. za svakog domenskog korisnika proverava u domenu vrednosti


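function Get-GroupUsers {
    <#
    .SYNOPSIS
        Lists the members of a local group on one or more computers, with account details.

    .DESCRIPTION
        Enumerates the group through the ADSI WinNT provider and writes one object per
        member. A member whose ADSPath contains the computer name is treated as a
        machine-local account and is read from Win32_UserAccount on that computer.
        Every other member is treated as a domain principal and is looked up with
        Get-ADUser (ActiveDirectory module).

        Local and domain rows carry the same property names, except that "Last Login"
        is only present on local rows. A field that could not be read is reported as
        'No Data' instead of a guessed value, so that an unresolved member of a
        privileged group is never shown as disabled.

    .PARAMETER Compname
        Name of the computer(s) whose local group is inspected. Accepts pipeline input.

    .PARAMETER GroupName
        Name of the local group, for example 'administrators'.

    .OUTPUTS
        PSCustomObject with the properties: Computer Name, Name, Full Name, Caption,
        Disabled, Status, LockOut, Password Changeable, Password Expires,
        Password Required, SID, SID Type, Account Type, Domain, Description, Type
        (and Last Login for local accounts).

    .EXAMPLE
        Get-GroupUsers -Compname $env:COMPUTERNAME -GroupName 'administrators'
    #>
    param(
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        [string[]]$Compname,

        [string]$GroupName
    )

    begin {
        # The forest name is identical for every domain row; it is resolved once, on first use.
        $forestName = $null

        # Only the attributes that are reported are requested, instead of -Properties *.
        $adProperties = 'CannotChangePassword', 'PasswordNeverExpires', 'PasswordNotRequired',
                        'isDeleted', 'LockedOut', 'sAMAccountType', 'Description'
    }

    # Pipeline input is bound per record, so the work has to happen in process{};
    # inside begin{} a piped -Compname value is not available yet.
    process {
        foreach ($computer in $Compname) {

            try {
                [ADSI]$group = "WinNT://$computer/$GroupName,group"
                $members = @($group.Invoke("Members"))
            }
            catch {
                Write-Error "Cannot read members of group '$GroupName' on '$computer': $($_.Exception.Message)"
                continue
            }

            # -match takes a regular expression; the computer name is escaped so that
            # characters such as '.' in an FQDN are compared literally.
            # NOTE(review): an alias such as 'localhost' or '.' will not appear in the
            # ADSPath, so local accounts would then be classified as domain members.
            $localPathPattern = '/' + [regex]::Escape($computer) + '/'

            foreach ($member in $members) {

                # Members are COM objects; their properties are read through reflection.
                $memberType  = $member.GetType()
                $memberName  = $memberType.InvokeMember('Name',    'GetProperty', $null, $member, $null)
                $adsPath     = $memberType.InvokeMember('ADSPath', 'GetProperty', $null, $member, $null)
                $memberClass = $memberType.InvokeMember('Class',   'GetProperty', $null, $member, $null)

                if ($adsPath -match $localPathPattern) {
                    ################# Local Users

                    # The account name is placed inside a WQL string literal, so backslash
                    # and apostrophe are escaped to keep the filter well-formed.
                    $wqlName = ($memberName -replace '\\', '\\') -replace "'", "\'"
                    $localAccounts = Get-WmiObject -Class Win32_UserAccount -ComputerName $computer -Namespace "root\cimv2" -Filter "LocalAccount=True AND Name='$wqlName'"

                    # Bind straight to the account instead of enumerating every child of the computer object.
                    $lastLogin = $null
                    try {
                        [ADSI]$localEntry = "WinNT://$computer/$memberName,user"
                        $lastLogin = $localEntry.psbase.Properties['lastLogin'].Value
                    }
                    catch {
                        # Leave Last Login empty when the attribute cannot be read.
                        $lastLogin = $null
                    }

                    foreach ($account in $localAccounts) {
                        [pscustomobject][ordered]@{
                            'Computer Name'       = $computer
                            'Name'                = $account.Name
                            'Full Name'           = $account.FullName
                            'Caption'             = $account.Caption
                            'Disabled'            = $account.Disabled
                            'Status'              = $account.Status
                            'LockOut'             = $account.LockOut
                            'Password Changeable' = $account.PasswordChangeable
                            'Password Expires'    = $account.PasswordExpires
                            'Password Required'   = $account.PasswordRequired
                            'SID'                 = $account.SID
                            'SID Type'            = $account.SIDType
                            'Account Type'        = $account.AccountType
                            'Domain'              = $account.Domain
                            'Description'         = $account.Description
                            'Type'                = 'Local User'
                            'Last Login'          = $lastLogin
                        }
                    }
                }
                else {
                    ################# Domain Users

                    # Only members of class User are sent to Get-ADUser; a nested domain
                    # group would fail the lookup and must not be reported with user flags.
                    # NOTE(review): Get-ADUser is called without -Server, so the lookup uses
                    # the caller's default domain; confirm the result for members that come
                    # from another trusted domain.
                    $adUser = $null
                    if ($memberClass -eq 'User') {
                        try {
                            $adUser = Get-ADUser -Identity $memberName -Properties $adProperties -ErrorAction Stop
                        }
                        catch {
                            Write-Warning "Lookup of '$memberName' ($adsPath) with Get-ADUser failed: $($_.Exception.Message)"
                        }
                    }

                    if ($null -ne $adUser) {
                        if ($null -eq $forestName) {
                            try   { $forestName = (Get-ADDomain -ErrorAction Stop).Forest }
                            catch { $forestName = 'No Data' }
                        }

                        # The flags stay strings ('True'/'False'), as callers of this function receive them today.
                        if ($adUser.Enabled)              { $dis = 'False' }        else { $dis = 'True' }
                        if ($adUser.CannotChangePassword) { $changepass = 'False' } else { $changepass = 'True' }
                        if ($adUser.PasswordNeverExpires) { $pasexp = 'False' }     else { $pasexp = 'True' }
                        if ($adUser.PasswordNotRequired)  { $pasreq = 'False' }     else { $pasreq = 'True' }
                        # Status depends on isDeleted only; it is not recomputed from Description.
                        if ($adUser.isDeleted)            { $stat = 'Deleted' }     else { $stat = 'OK' }

                        [pscustomobject][ordered]@{
                            'Computer Name'       = $computer
                            'Name'                = $adUser.Name
                            'Full Name'           = $adUser.UserPrincipalName
                            'Caption'             = $adUser.SamAccountName
                            'Disabled'            = $dis
                            'Status'              = $stat
                            'LockOut'             = $adUser.LockedOut
                            'Password Changeable' = $changepass
                            'Password Expires'    = $pasexp
                            'Password Required'   = $pasreq
                            'SID'                 = $adUser.SID.Value
                            'SID Type'            = 'No Data'
                            'Account Type'        = $adUser.sAMAccountType
                            'Domain'              = $forestName
                            'Description'         = $adUser.Description
                            'Type'                = 'Domain User'
                        }
                    }
                    else {
                        # Unresolved member (nested group, foreign principal or failed lookup):
                        # report it with 'No Data' so that it still shows up in the audit.
                        if ($memberClass -eq 'User') { $memberKind = 'Domain User' } else { $memberKind = "Domain $memberClass" }

                        [pscustomobject][ordered]@{
                            'Computer Name'       = $computer
                            'Name'                = $memberName
                            'Full Name'           = 'No Data'
                            'Caption'             = $memberName
                            'Disabled'            = 'No Data'
                            'Status'              = 'No Data'
                            'LockOut'             = 'No Data'
                            'Password Changeable' = 'No Data'
                            'Password Expires'    = 'No Data'
                            'Password Required'   = 'No Data'
                            'SID'                 = 'No Data'
                            'SID Type'            = 'No Data'
                            'Account Type'        = 'No Data'
                            'Domain'              = $adsPath.Split('/')[2]
                            'Description'         = 'No Data'
                            'Type'                = $memberKind
                        }
                    }
                }
            }
        }
    }
}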


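Parametri funkcije su naziv racunara (-Compname) i naziv lokalne grupe (-GroupName). Za domenske korisnike funkcija poziva Get-ADUser, pa je na racunaru sa kog se pokrece potreban ActiveDirectory modul.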

Primer:
# List every member of the local 'administrators' group on the current machine.
Get-GroupUsers -GroupName 'administrators' -Compname $env:COMPUTERNAME