PoshCode Archive: Artifact Content

Artifact d966b3130e05d54b88a4be364894a38e63802433ca3b9eea90a89846a02096df:

File get-localadministrators.ps1 — part of check-in [928491e144] at 2018-06-10 13:46:51 on branch trunk — retrieves local administrators of a maschine using System.DirectoryServices.AccountManagement via Well-known security identifiers (user: unknown size: 1466)

# encoding: ascii
# api: powershell
# title: 
# description: retrieves local administrators of a maschine using System.DirectoryServices.AccountManagement via Well-known security identifiers
# version: 0.1
# type: function
# license: CC0
# function: get-localadministrators
# x-poshcode-id: 4854
# x-archived: 2014-04-09T11:52:53
#
#
function get-localadministrators {
    param ([string]$computername=$env:computername)

    $computername = $computername.toupper()
    
                Add-Type -AssemblyName System.DirectoryServices.AccountManagement
                $PrincipalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext([System.DirectoryServices.AccountManagement.ContextType]::Machine, $Computer)
                           
                $GroupPrincipal = New-Object System.DirectoryServices.AccountManagement.GroupPrincipal($PrincipalContext)
                $Searcher = New-Object System.DirectoryServices.AccountManagement.PrincipalSearcher
                $Searcher.QueryFilter = $GroupPrincipal
                $objoutput = $Searcher.FindAll() | where {$_.Sid -eq 'S-1-5-32-544'} # Administrators group - http://support.microsoft.com/kb/243330
                
                #StructuralObjectClass=user
                #StructuralObjectClass=group
                #ContextType = Domain
                #ContextType = Machine
                    
    return $objoutput
}#end function

PoshCode Archive Artifact [d966b3130e]

Artifact d966b3130e05d54b88a4be364894a38e63802433ca3b9eea90a89846a02096df: