0

I would like some help to merge these two scripts, the first one I've made myself the other one is borrowed. How do I get these scripts merged, so I can get list of all the servers and of all members in the local administrators group on the servers in an out-file?

My Script:

$SearchOU='OU=Servers,DC=LB,DC=NET'
Get-ADComputer -Filter * -SearchBase $SearchOU | Format-Table -Property name

The borrowed Script:

$searchOU='ou=name,dc=dc,dc=com'
Get-ADComputer -filter * -SearchBase $searchOU | 
     Foreach-Object{
           ([ADSI]"WinNT://$($_.Name)/Administrators").psbase.invoke('Members') | 
           ForEach-Object{
                $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
           }
     }
Khaled
  • 36,533
  • 8
  • 72
  • 99
Sabeltiger
  • 1
  • 1
  • 3
  • Merge in what way? Do you mean appending the `Format-Table` to the latter or something else? (PS. What have you tried?) – Richard Jan 21 '13 at 11:34
  • What I mean is, that the first script: gives me a list of all my servers in the OU 'Servers'; and the second script gives me a list of all the accounts in the local-administrator group for all the servers in the 'servers' OU. So what I mean by merging, is this: To get a script that makes an txt output file where all the serveres are, with all the members in the local administator group for each server. and since the two scripts gives a list of each, then I found it natural to call it a "merge". I hope you understand now. :) – Sabeltiger Jan 21 '13 at 12:11
  • And yes i would also like to append Format-Table to the latter. – Sabeltiger Jan 21 '13 at 12:19

2 Answers2

1

To create an output list of {Server, User} you need to combine the expansion of the membership lists with each row from the AD query. This can be done by Foreach-Object and creation of a custom object:

$searchOU='ou=name,dc=dc,dc=com'
Get-ADComputer -filter * -SearchBase $searchOU | 
  Foreach-Object {
    $server = $_.Name
    ([ADSI]"WinNT://$($_.Name)/Administrators").psbase.invoke('Members') | 
      ForEach-Object {
            $user = $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)

            New-Object 'PSObject' -property @{'Server'=$server; 'Admin'=$user}
       }
 }

The results of the above can easily be formatted:

… | Format-Table -AutoSize Server, Name

And then append | Out-File $filename -encoding UTF8 to save to a file (or use a redirection operator; but I prefer Out-File as I can avoid UTF8).

However:

  • If the core script is designed for reuse (eg. output to different formats) I would suggest avoiding hard-coding the formatting in the script (making further processing/filtering much harder: would need to parse the output).
  • If the output file is intended for saving and then further processing then Export-CSV is a batter approach.
  • The New-Object's property list can be arbitrarily extended beyond just the two properties above.
Richard
  • 5,324
  • 1
  • 23
  • 20
  • I have just tested you're script and it works perfect, I had never guessed the $Server and New-Object lines for the script. Many thanks Richard. Now I only need to practice the insert of the Format-table to the script. but you helped me with the hard part, thanks so much. – Sabeltiger Jan 21 '13 at 13:53
  • Okay i'll admit it, PowerShell is not my strong side at all. I have now tried various ways of setting the Out-File. (ex. at the end of 'New-Object' line, I inserted | Out-file path) I even tried the whole string | Format-Table and so forth. But I get this error: Out-File : Cannot bind argument to parameter 'FilePath' because it is null. – Sabeltiger Jan 21 '13 at 14:37
  • @Simon That error says you are not passing a filename... (the `$filename` in the answer is a placeholder: you need to put the filename there, or a variable that contains the filename). – Richard Jan 21 '13 at 14:40
  • So after this line: New-Object.....'Admin'=$user} i insert: | Format-Table -AutoSize Server, Name | Out-File C:\Scripts\servers.txt ??? – Sabeltiger Jan 22 '13 at 09:31
  • @Simon yes: but you've got a filename there. Would be easier to create a new question so we can see the whole script, with the full error message (and, to make it easier, mark the line number given in the error). – Richard Jan 22 '13 at 09:48
  • I have posted a new question at this link with powershell error-log: http://serverfault.com/questions/471326/powershell-error-when-adding-filepath – Sabeltiger Jan 22 '13 at 10:21
-1

Hej, this is actually not the direct answer to your question, but this way seems to be easier for me:

I would use SYDI server, to be more precise sydi-wrapper.vbs and sydi-audit-localgroups.vbs tools.

First tool will allow you to collect reports from a list of servers in excel file or from a specific OU in a domain tree.

sydi-wrapper description

The script is included in the tools directory of SYDI Server. It allows to run SYDI against multiple computers. For that purpose you need to edit script for your configuration, specifying gathering options i.e. WMI-options, export formats, location options.

Using the script:

Cscript.exe sydi-wrapper.vbs [options]

Examples

cscript.exe sydi-wrapper.vbs -tComputers.csv

cscript.exe sydi-wrapper.vbs -aDC=contoso,DC=com

cscript.exe sydi-wrapper.vbs -a”OU=Member Servers,DC=contoso,DC=com”

sydi-audit-localgroups description

The script is included in the tools directory of SYDI Server. It works in the same way as SYDI Overview does. It parses SYDI-Server XML files and creates an Excel file containing a list of all your local groups on your client computers and member servers.

Using the script:

Cscript.exe sydi-audit-localgroups.vbs -xC:\SYDI\Output

Examples

cscript.exe sydi-overview.vbs -x"D:\sydi output"

You will get an excel file with all of the groups available on the 1st sheet. If you click on the link opposite to the Group Name you will have all the local users\groups listed for every server.

*The scripts will run and attempt to connect under logged in account, make sure this is domain one.

Volodymyr Molodets
  • 2,424
  • 9
  • 36
  • 52