<# ##################################################################### SCRIPT IsADMemberOfLocalAdmins.ps1 SYNTAX .\IsADMemberOfLocalAdmins.ps1 -InputFile <.\ComputerList.txt> -OutputFile <.\OutPutFile.txt> -InputFile Text file containing list of Computers to query -OutputFile Text File containing results from script SYNOPSIS Queries the Local Administrators group on the computers listed in the text file provided as a parameter, to determine if Domain Admins is listed as a member. NOTE Script requires no parameters or arguments, but does have some. I recommend you have the relevant permissions in the domain and on the computers being queried for optimal results. This script is provided "AS IS" with no warranties, confers no rights and is not supported by the authors or employer. AUTHOR Carl Harrison VERSION: 1.0 - First cut ##################################################################### #> # Change these two to suit your needs Param ( [Parameter()][string]$InputFile='.\computers.txt', [Parameter()][String]$OutputFile='.\IsDAMemberOfAdminsOutput.txt') $ChildGroups = "Domain Admins" $LocalGroup = "Administrators" $MemberNames = @() $OutPutResults = @() $Computers = Get-Content $InputFile foreach ( $Computer in $Computers ) { $Group= [ADSI]"WinNT://$Computer/$LocalGroup,group" $Members = @($Group.psbase.Invoke("Members")) $Members | ForEach-Object { $MemberNames += $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } $ChildGroups | ForEach-Object { $output = "" | Select-Object Computer, Group, InLocalAdmin $output.Computer = $Computer $output.Group = $_ $output.InLocalAdmin = $MemberNames -contains $_ Write-Output $output $OutputResults += $output } $MemberNames = @() } $OutputResults | Export-CSV -NoTypeInformation $OutputFile