Beginner question：How to use powershell script to audit/verify remote server local admin group memeber are correct or incorrect

Question

Beginner question

How to use powershell script to audit/verify remote server local admin group members are correct or not. How to compare with the correct members?

and each server has an AD group associated with the server hostname，such as server 1 has test\server1.admin, server 2 has test\server3.admin

I am tried to use Get-LocalGroupMember -Group Administrators get the member list. How to compare with the correct members?

example:

server1 local administrator group members

admin

test\domain admin

test\server1.admin

server2 local administrator group members

admin

test\domain admin

test\server000002.admin

server3 local administrator group members

admin

test\domain admin

test\server3.admin

Expected output:

server1 local admin members are correct

server2 local admin members are incorrect

server3 local admin members are correct

Please copy and paste the code you are trying to make work into the question. Please review the SO help regarding how to ask questions at stackoverflow.com/help Questions without code usually go to superuser.com — lit

Evilcat Evilcat · Accepted Answer · 2019-12-15T07:10:51

to get members of the local Administratorgroup of remote computers you can ever use WMI

Get-WmiObject Win32_GroupUser -ComputerName $remoteComputer | Where-Object {$_.groupcomponent –like '*"Administrators"*'} | select -ExpandProperty PartComponent

Or you can create a remote PSSession and execut the Get-LocalGroupMember CMDLet on the Remotecomputer

Invoke-Command -ComputerName $remoteComputer -ScriptBlock { Get-LocalGroupMember -Group Administratoren  }

Beginner question：How to use powershell script to audit/verify remote server local admin group memeber are correct or incorrect

1 Answers