I want to build on @Ansgar Wiechers's answer. For my purposes, getting the name of each user was not enough; I had to get the user's domain so that I could see whether the user account was a local account or a domain account.
Instead of calling PSBase.Invoke('Members')
, I simply called Members()
. To get the path of each user, I casted the object using [ADSI]
and then got the Path
property. This was the code that I ended up using to get the members of the local Administrators group on the local machine:
([ADSI]"WinNT://localhost/Administrators,group").Members() | % { ([ADSI]$_).Path.Substring(8) }
For multiple computers, it would look like this:
$computers = 'HostA', 'HostB', 'HostC', ...
$computers | % {
([ADSI]"WinNT://$_/Administrators,group").Members() | % {
([ADSI]$_).Path.Substring(8)
}
}
In the end, I extended my script to query all of the computers in my domain, list the local administrators on each computer, and export all of the results to an XML file:
Import-Module ActiveDirectory
Get-ADComputer -Filter { enabled -eq $true } | % {
$result = New-Object PSObject
Add-Member -InputObject $result -MemberType NoteProperty -Name "Name" -Value $_.Name
$local_administrators = ([ADSI]"WinNT://$($_.Name)/Administrators,group").Members() | % { ([ADSI]$_).Path.Substring(8) }
Add-Member -InputObject $result -MemberType NoteProperty -Name "Local Administrators" -Value $local_administrators
$result
} | Export-Clixml "Local Administrators on Machines in the Domain.xml"
You have to install the Remote Server Administration Tools in order to do Import-Module ActiveDirectory
. For Windows 7 SP1, you can go to https://www.microsoft.com/en-us/download/details.aspx?id=7887 to download and install the tools and then go to Add or Remove Windows Features to enable them.