|
|
Server Local Group Auditing Question
This script is modified from web to perform auditing of local server groups
and their members. Since I have to do this on a large number of servers I
would like the results written to a Access Database instead of on large text
file. Since I am fairly new to powershell and scripting I dont know how to
do this. Any assistance would be greatly appreciated.
########################
#Functions
########################
$arrExclude = "NT AUTHORITY\LocalService",
"NT AUTHORITY\Local Service",
"NT AUTHORITY\NETWORK SERVICE",
"NT AUTHORITY\NetworkService",
"LocalSystem",
".\ASPNET"
function checkExclusions([string]$strval)
{
foreach ($val in $arrExclude)
{if ($val.ToLower() -eq $strval){return $true} }
return $false
}
function Ping ( [string] $strComputer )
{
$timeout=120;
trap { continue; }
$ping = new-object System.Net.NetworkInformation.Ping
$reply = new-object System.Net.NetworkInformation.PingReply
$reply = $ping.Send($strComputer, $timeout);
if( $reply.Status -eq "Success" )
{
return $true;
}
return $false;
}
########################
#Script
########################
$pathFolder = "D:\ServerBiYearlyScan\CRB\Group"
$computersList = get-content "$pathFolder\CRBServer001.txt"
$ArrayUser = @()
$ArrayGroup = @()
$ArrayKey = @()
$ArrayService = @()
$ArrayShare = @()
$ArrayAccess = @()
foreach($computer in $computersList)
{
#################################################################################################
$retPing = Ping $computer
if($retPing -eq $true)
{
#Disabling the error on the screen
$errorActionPreference="SilentlyContinue"
$testAccss = get-wmiobject Win32_OperatingSystem -computername $computer
-ErrorVariable ERR
If($ERR)
{$Access = $false}
else{$Access = $true}
}
else{$Access = $false}
if($Access -eq $false)
{
#Srv not ping or denied
$obj=New-Object PSObject
$obj | Add-Member Noteproperty -Name "ServerName" -Value
(($computer).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "PING" -Value $retPing
$obj | Add-Member Noteproperty -Name "ACCESS" -Value $Access
$ArrayAccess += $obj
}
else{
#Working on it
#################################################################################################
$namespace = "root\CIMV2"
$results = Get-WmiObject -class Win32_Group -computername $computer
-namespace $namespace -filter "localaccount=true"
foreach($result in $results)
{
$GroupName = $result.name
$group =[ADSI]"WinNT://$computer/$GroupName"
$members = @($group.psbase.Invoke("Members"))
$list = $members | foreach {$_.GetType().InvokeMember("Name",
'GetProperty', $null, $_, $null)}
if($list -ne $null)
{
foreach($member in $list)
{
$obj=New-Object PSObject
$obj | Add-Member Noteproperty -Name "ServerName" -Value
(($computer).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "GroupName" -Value
(($result.name).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "Member" -Value
(($member).trim()).ToUpper()
$ArrayGroup += $obj
}
}
else
{
$obj=New-Object PSObject
$obj | Add-Member Noteproperty -Name "ServerName" -Value
(($computer).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "GroupName" -Value
(($result.name).trim()).ToUpper()
$obj | Add-Member Noteproperty -Name "Member" -Value ""
$ArrayGroup += $obj
}
}
#################################################################################################
}
}
$ArrayGroup | select ServerName, GroupName, Member | out-file
"$pathFolder\CRBLocalGroups001.txt"
--
Tim Dixon
|
|
0
|
|
|
|
Reply
|
 Utf
|
6/28/2010 3:05:40 PM |
|
Search is your friend. As the PowerShell community continues to grow,
chances are that you'll find something already written to help.
I searching for "powershell access database" with bing.com, and one of the
first hits:
http://technet.microsoft.com/en-us/magazine/2009.05.scriptingguys.aspx?pr=blog
Take a read at that first. Come back if you still have any questions.
Marco
"Tim Dixon" <TimDixon@discussions.microsoft.com> wrote in message
news:787EE63D-E6C4-4B51-BB0C-9C4440BC4369@microsoft.com...
> This script is modified from web to perform auditing of local server
> groups
> and their members. Since I have to do this on a large number of servers I
> would like the results written to a Access Database instead of on large
> text
> file. Since I am fairly new to powershell and scripting I dont know how
> to
> do this. Any assistance would be greatly appreciated.
|
|
|
0
|
|
|
|
Reply
|
Marco
|
6/28/2010 10:21:28 PM
|
|
|
1 Replies
773 Views
(page loaded in 0.064 seconds)
Similiar Articles: Server Local Group Auditing Question - microsoft.public.windows ...This script is modified from web to perform auditing of local server groups and their members. Since I have to do this on a large number of servers... Audit Folder Permissions Question - microsoft.public.windows ...Server Local Group Auditing Question - microsoft.public.windows ... Server Local Group Auditing Question - microsoft.public.windows ... Audit Folder Permissions Question ... Is there any way to audit login/logout for specific users ...Server Local Group Auditing Question - microsoft.public.windows ... Is there any way to audit login/logout for specific users ... Server Local Group Auditing Question ... Script to list user rights assignment, local sec. policy and audit ...Server Local Group Auditing Question - microsoft.public.windows ... Script to list user rights assignment, local sec. policy and audit ... Server Local Group Auditing ... How to track or audit meeting requests/cancelations/deletions ...Server Local Group Auditing Question - microsoft.public.windows ... How to track or audit meeting requests/cancelations/deletions ... Server Local Group Auditing Question ... Script to audit windows 2003 servers - microsoft.public.windows ...Server Local Group Auditing Question - microsoft.public.windows ... Script to audit windows 2003 servers - microsoft.public.windows ... Question - microsoft.public.windows ... Noteproperty - microsoft.public.windows.powershellServer Local Group Auditing Question - microsoft.public.windows ... Server Local Group Auditing Question - microsoft.public.windows ... How to read "noteproperty ... Local Service, Local System or Network Service? - microsoft.public ...Server Local Group Auditing Question - microsoft.public.windows ... Local Service, Local System or Network Service? - microsoft.public ... What service should I use the ... How to read "noteproperty" ? - microsoft.public.windows ...Server Local Group Auditing Question - microsoft.public.windows ... How to read "noteproperty" ? - microsoft.public.windows ... Server Local Group Auditing Question ... Get-WinEvent Message NoteProperty - Message = null - microsoft ...Server Local Group Auditing Question - microsoft.public.windows ..... obj=New-Object PSObject $obj | Add-Member Noteproperty ... null, $_, $null)} if($list -ne $null ... Server Local Group Auditing Question .NET FrameworkThis script is modified from web to perform auditing of local server groups and their members. Since I have to do this on a large number of servers I wou Server Local Group Auditing Question - microsoft.public.windows ...This script is modified from web to perform auditing of local server groups and their members. Since I have to do this on a large number of servers... Local audit policy for a single folder? - Microsoft Corporation ...I am trying to create a local server 2008 policy to audit file ... On the folder, add the user group you want to audit ... If you have more questions in the future ... Auditing Settings from GPO are not properly listed in the Local ...... the auditing of object access on a 2k8R2 server and then check the Local Security ... FileAudit to audit the 2k8R2 in question ... how to enable Audit object access group ... Security and Auditing - Microsoft Corporation: Software ...So the question now becomes, how should you ... now want to add this to our terminal server's local group ... volume, set auditing for the Everyone group, replacing auditing ... 7/28/2012 12:35:53 PM
|
|
|
|
|
|
|
|
|
Search |
Post Question |
Groups |
Stream |
About |
Register
3 followers. 