Howdy,
I am trying to use this script that I found on the technet forums and I've changed it a bit so it's not a function, then added in something to get the password age of the accounts.
I can't figure out how to get the Last Login Time of the users and I know that the wmi method provides some info and adsi provides the last login. I tried adding in a line for an adsi query to get last login but it fails. I read this and I couldn't get it to work at all: https://www.petri.com/find-local-user-accounts-using-powershell
Then I am going to try to add in something to loop through credentials so that if a connection fails it will try another set of creds. Can anyone help with that? I've searched and I don't know if it's just not common but I am stuck with a mess of systems/domains, so I have to do that or I end up running things from 10 or so systems manually.
I need the computername, username, disabled status, last login date, description, full name, expiration date (if any), expired status, and only for local accounts, but in all groups. I want to schedule this as a task and email a csv, but I can work on that after getting this to work. I wanted to add in a log file and catch any errors also, I tried to do a try catch but I got no where with that.
$ComputerName = Get-Content C:\john\servers.txt
$Obj = @()
Foreach($Computer in $ComputerName)
{
If($Credential)
{
$AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" `
-Filter "LocalAccount='$True'" -ComputerName $Computer -Credential $Credential -ErrorAction SilentlyContinue
}
else
{
$AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "root\cimv2" `
-Filter "LocalAccount='$True'" -ComputerName $Computer -ErrorAction SilentlyContinue
}
Foreach($LocalAccount in $AllLocalAccounts)
{
$Object = New-Object -TypeName PSObject
$Object|Add-Member -MemberType NoteProperty -Name "Name" -Value $LocalAccount.Name
$Object|Add-Member -MemberType NoteProperty -Name "Full Name" -Value $LocalAccount.FullName
$Object|Add-Member -MemberType NoteProperty -Name "Caption" -Value $LocalAccount.Caption
$Object|Add-Member -MemberType NoteProperty -Name "Disabled" -Value $LocalAccount.Disabled
$Object|Add-Member -MemberType NoteProperty -Name "Status" -Value $LocalAccount.Status
$Object|Add-Member -MemberType NoteProperty -Name "LockOut" -Value $LocalAccount.LockOut
$Object|Add-Member -MemberType NoteProperty -Name "Password Changeable" -Value $LocalAccount.PasswordChangeable
$Object|Add-Member -MemberType NoteProperty -Name "Password Expires" -Value $LocalAccount.PasswordExpires
$Object|Add-Member -MemberType NoteProperty -Name "Password Required" -Value $LocalAccount.PasswordRequired
$Object|Add-Member -MemberType NoteProperty -Name "SID" -Value $LocalAccount.SID
$Object|Add-Member -MemberType NoteProperty -Name "SID Type" -Value $LocalAccount.SIDType
$Object|Add-Member -MemberType NoteProperty -Name "Account Type" -Value $LocalAccount.AccountType
$Object|Add-Member -MemberType NoteProperty -Name "Domain" -Value $LocalAccount.Domain
$Object|Add-Member -MemberType NoteProperty -Name "Description" -Value $LocalAccount.Description
$Obj+=$Object
}
If($AccountName)
{
Foreach($Account in $AccountName)
{
$Obj|Where-Object{$_.Name -like "$Account"}
}
}
else
{
$Obj | export-csv -NoTypeInformation c:\john\testnew.csv
}
}