PoshCode Archive  Artifact [c658505162]

Check-ins Using Download Hex

Artifact c658505162647b8cad352315a7402742aa4e0e08130b889dfac71844ca8e56d4:

  • File GetSet-Users.ps1 — part of check-in [43bb8feb8c] at 2018-06-10 13:35:31 on branch trunk — enumerate + add + remove users or groups to any local group on a local, single or multiple remote computers (user: chriskenis size: 2980) 
# encoding: ascii
# api: powershell
# title: GetSet-Users
# description: enumerate + add + remove users or groups to any local group on a local, single or multiple remote computers
# version: 0.1
# type: script
# author: chriskenis
# license: CC0
# x-poshcode-id: 4052
# x-archived: 2013-03-30T05:20:32
# x-published: 2013-03-27T19:15:00
#
# needs remote admin rights obviously
#
param(
[Parameter(Position=0,ValueFromPipeline=$True,ValueFromPipelineByPropertyName=$True)]
[alias("Name","ComputerName")][string[]] $Computers = @($env:computername),
#works automagically for domain members or local computer,
#must be set manual for workgroups or forests
[string] $NTDomain = ($env:UserDomain),
# multiple groups usually makes sense when reporting only
[string[]] $LocalGroups = @("Administrators"),
[string[]] $Add = @(), # can be user or group
[string[]] $Remove = @() # can be user or group
)
begin{
$script:objReport = @()

# list current members in defined group
Function ListMembers ($Group){
$members = $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
return $members
}
#
Function LocalNTGroup ($ComputerName,$Group){
$NTgroup = ([ADSI]("WinNT://" + $Computer + ",computer")).psbase.children.find($Group)
return $NTgroup
}
# provides central output code in case of future revisions
Function Output($ComputerName,$GroupName,$UserName,$Action,$Result){
$script:objReport += New-Object PSObject -Property @{
	Computername = $ComputerName
	GroupName = $GroupName
	UserName = $UserName
	Action = $Action
	Result = $Result
	}
write-host "on $ComputerName -- $GroupName for $UserName the result for $Action is: $Result"
}
}#begin

process{
#foreach loops will not iterate when empty thus no try-catch
foreach ($Computer in $Computers){
	if (Test-Connection -ComputerName $Computer -Count 1 -Quiet -EA "Stop"){
		write-verbose "getting local group members on $Computer"
		foreach ($Group in $LocalGroups){
			$LocalGroup = LocalNTGroup $Computer $Group
			foreach ($member in $(ListMembers $LocalGroup)){
				Output $Computer $Group $member "ENUM" "Existing"
				}
			foreach ($AddID in $Add){
				try{
					$LocalGroup.Add("WinNT://" + $NTDomain + "/" + $AddID)
					$Action = "Added"
					}
				catch{
					write-debug "$AddID is not added"
					$Action = $Error[0].Exception.InnerException.Message.ToString().Trim()
					}
				Output $Computer $Group $AddID "ADDING" $Action
				}
			foreach ($RemID in $Remove){
				try{
					$LocalGroup.Remove("WinNT://" + $NTDomain + "/" + $RemID)
					$Action = "Removed"
					}
				catch{
					write-debug "$RemID is not added"
					$Action = $Error[0].Exception.InnerException.Message.ToString().Trim()
					}
				Output $Computer $Group $RemID "REMOVING" $Action
				}
			}
		}
	}
}#process

end{
$script:objReport | select computername, groupname, username, action, result | sort username
}
Fossil 2.20 [0d61fd2310] 2022-10-28 19:48:33
This page was generated in about 0.011s