获取域内所有计算机本地管理员组内成员的POWESHELL CMDLET
代码:
网上找的脚本,忘了出处了。
默认是WRITE-HOST.
在DOS窗口下用powershell X.pwd > C:\x.TXT重定向符号可以输出到文件。
出处也忘记了。
1 $strFilter = "computer" 2 $objDomain = New-Object System.DirectoryServices.DirectoryEntry 3 $objSearcher = New-Object System.DirectoryServices.DirectorySearcher 4 $objSearcher.SearchRoot = $objDomain 5 $objSearcher.SearchScope = "Subtree" 6 $objSearcher.PageSize = 1000 7 8 $objSearcher.Filter = "(objectCategory=$strFilter)" 9 10 $colResults = $objSearcher.FindAll() 11 12 foreach ($i in $colResults) 13 { 14 15 16 $objComputer = $i.GetDirectoryEntry() 17 $strComputer = $objComputer.name 18 19 # If machine is up (True if any pings succeed and False if all failed) then carry on 20 21 if (test-connection -computername $strComputer -quiet) 22 { 23 24 25 $computer = [ADSI]("WinNT://" + $strComputer + ",computer") 26 #$computer.name 27 $Group = $computer.psbase.children.find("administrators") 28 #$Group.name 29 30 31 # This will list what’s currently in Administrator Group so you can verify the result 32 33 function ListAdministrators 34 { 35 $members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("AdsPath", 'GetProperty', $null, $_, $null)} 36 $memclas= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Class", 'GetProperty', $null, $_, $null)} 37 for($counter = 0; $counter -lt $members.count; $counter++) { [array]$result += "$($members[$counter]),$($memclas[$counter])" ; } 38 $result 39 } 40 41 42 Write-Host Server Name: 43 write-Host "`r`n" 44 $objComputer.dnsHostname 45 #Write-Host Administrators: 46 foreach($item in (ListAdministrators)) 47 { 48 $ads = (($item.Split(","))[0]) 49 $type = (($item.Split(","))[1]) 50 #Write-Host "AdsPath : $($item)" 51 Write-Host "`r`n Name (Type): $(($ads.Split("/"))[-1]) ($($type))" 52 #Write-Host "Computer (Domain): $(($ads.Split("/"))[-2]) ($(($ads.Split("/"))[-3]))" 53 } 54 write-Host "`r`n" 55 Write-Host "++++++++++++++++++++++++" 56 } 57 }
效果图: