Powershell generic admin id checker

Question

Can someone help me with powershell script to check a genric admin id has logon access on which all machines.

I just need to give input a generic admin id(eg admin\abcd) and it returns all the workstations/servers/machines on which it has access.

This feature we can check from MMC snap-in and searching that id and going to properties-->log on. This gives all the machines.

But I am looking for some alternative to check directly from my powershell console and later I can add the script to my tool.

jbsmith · Answer 1 · 2016-07-28T21:39:37.823

0

Use the Active Directory module:

Get-ADUser 'userName' -Properties logonworkstations

edited Jul 28 '16 at 21:39

answered Jul 28 '16 at 19:30

jbsmith

Thanks for quick response Smith but will it work for generic id's that is shared or is not tied to a specific user – user3210597 Jul 28 '16 at 20:09
If it's an Active Directory logon, this will work. Based on your description this sounds like a generic AD account that is granted access to logon to various servers/workstations. – jbsmith Jul 28 '16 at 21:38

score 0 · Answer 2 · answered Jul 29 '16 at 07:31

0

But the problem is it throws an error evertime and says can not find an object with identity ADMIN/comprise under dc=prod, DC=travp, DC=net

This is because this genric id was created in admin domain....how to get these results..

Using mmc snap in, i need to search in entire directory then I get this instead of prod.travp.net

answered Jul 29 '16 at 07:31

user3210597

In that case, use the -Server parameter to Get-ADUser and specify a domain controller in the ADMIN domain. – jbsmith Aug 01 '16 at 15:23

2 Answers2