Several years ago, I was tasked with putting together a script to output a list of all users and groups on a server. Additionally, management wanted to know the membership of the local groups. If the groups contained other groups, the contents of those groups should be listed as well.Here is a sample of the script output.
Report run time: 11/22/2017 12:14:56 Server [S1] Local user accounts Anon000:Enabled Ctx_ConfigMgr:Enabled ctx_cpsvcuser:Enabled ctx_cpuuser:Enabled Ctx_StreamingSvc:Enabled Guest:Enabled administrator:Enabled Local:Group:Administrators Local:User:Enabled:Administrator AD:Group:AnADGroup User:Enabled:user1 User:Enabled:user2 ... ...
Running the Script
- Download the ListAccess.zip and extract to a server running Powershell with the Active Directory Module installed.
- Create a text file with a list of the server names or ip's on which to report. One per line.
- Name this file servers.txt, or execute the next step to change the file name in the script itself.
- Edit the ListAccess.ps1 file and change line 99 so that the file name represents the file name selected in the previous step.
- Note, if the file containing the list of servers is named servers.txt, this step can be skipped.
- Open powershell and load the Active Directory module.
- If you run Active Directory Module for Windows PowerShell, the Active Directory shell will be loaded automatically.
- Change to the folder containing the script and the list of servers
- Execute the report by entering .\ListAccess.ps1 and press enter.
Depending on the number of servers being processed, the script can take some time to complete.