Many of my customers have moved to, or are moving to, an environment where they use the groups already in the Windows operating system to provide permissions on those systems.
So, they make a domain group member of a local group.
A customer asked me to write a script to get all the names of the local groups, including if they are local groups or domain groups.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
function Get-LocalGroups { param ( [parameter( Mandatory=$true, Position=1, ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true )] [string[]]$ComputerName ) begin { } process { foreach ($Computer in $ComputerName) { try { Get-CimInstance -ClassName Win32_Group -ComputerName $Computer } catch { Write-Error $_ } } } end { } } |
You can call the function, and filter the output down to what you want, like so:
1 |
Get-LocalGroups -ComputerName TST02 | Select-Object -Property PSComputerName,Domain,Name,Description |