Powershell Script Help

cyclones

In Runtime
Messages
483
Location
USA
Hello. I found a script on MS Technet that allows it to monitor the local users & groups of domain PC's and sends an email if any changes occur. I'm still quite new to Powershell scripting so I can't figure this one out. I'm wondering if there is anyway that the script can query an AD OU container for computer names instead of using text host names or a text file? Attached is the powershell script that I found from https://gallery.technet.microsoft.com/scriptcenter/How-to-Get-Notified-of-5afdc4fe . Thanks in advanced!
 

Attachments

  • Detect-LocalAdmin.txt
    3.9 KB · Views: 7
Sure is! Try this

You'll just need specify an "OU" parameter when you launch the script like so:

Code:
PS> Detect-LocalAdmin.ps1 -OU 'OU=Computers,OU=siteA,dc=mydomain,dc=local' -LogFilePath C:\MyLog.log -SmtpServer mail.domain.com -EmailSubject 'New Local Administrator Detected' -EmailRecipient 'abertram@domain.com'

edit: I should note, I kiiinda cheated a lil.
In the original script, it checks the PCs in the list you give it by pinging them before accepting them. My one just grabs the whole list of PCs from the OU, then only checks them via pinging when it gets to the main process stage.
 

Attachments

  • Detect-LocalAdmin.ps1.txt
    4.1 KB · Views: 3
Last edited:
S0ULphIRE, I tried doing that but am getting a "ambiguous" error for the OU. Thanks for helping out!
 

Attachments

  • 2016-10-16_15h07_01.png
    2016-10-16_15h07_01.png
    19 KB · Views: 4
I changed it to -searchbase and then entered the OU information and didn't throw any error. How can I tell or know that the script is running? I don't see any output on the screen after it is launched besides >>
Thank you!
 
Try now - I've changed it from "OU" to "OUPath"

Detect-LocalAdmin.ps1 -OUPath 'OU=Computers,OU=siteA,dc=mydomain,dc=local' -LogFilePath C:\MyLog.log -SmtpServer mail.domain.com -EmailSubject 'New Local Administrator Detected' -EmailRecipient 'abertram@domain.com'
 

Attachments

  • Detect-LocalAdmin.ps1.txt
    4.2 KB · Views: 1
@S0ULphIRE, I ran that command and it didn't throw back any errors. Question is.. how can I tell if it's running? After I ran powershell.exe and entered the command, it's just showing >> on the screen right now and can't tell if the script is running or not? I went into the log file location but nothing exists there. Am I missing something? Thanks again.
 
@S0ULphIRE, I ran that command and it didn't throw back any errors. Question is.. how can I tell if it's running? After I ran powershell.exe and entered the command, it's just showing >> on the screen right now and can't tell if the script is running or not? I went into the log file location but nothing exists there. Am I missing something? Thanks again.

Hit enter twice more and it will run the script.
 
I tried that but didn't work either. If I open the script in PS Editor and then run debug, it prompts me to enter a OU and then errors out.
 
@S0ULphIRE, I ran that command and it didn't throw back any errors. Question is.. how can I tell if it's running? After I ran powershell.exe and entered the command, it's just showing >> on the screen right now and can't tell if the script is running or not? I went into the log file location but nothing exists there. Am I missing something? Thanks again.

I forgot to ask, what OS are you running this on?

I just tested it on mine (Windows 10) and realised there's a few bugs in the script due to powershell version changing since this was written.
Updated it slightly and it tests fine for me now :D also changed all the "write-verbose" statements to "write-host" so you can see what the script is doing if you run it in the Powershell ISE or from the Powershell prompt

Let me know how it goes for you
 

Attachments

  • Detect-LocalAdmin.ps1.txt
    4.2 KB · Views: 11
@S0ULphIRE, I'm trying to run that revised copy in Powershell ISE now and when it runs, it asks for the OUPath. How do I correctly enter the OUPath for the script to run correctly? This is what I tried entering but didn't work:
DC=corp,DC=org,OU=IA,OU=AMR,OU=LS,OU=RMT,OU=Resources,OU=Desktops,OU=Desktop_HealthCheck . All of the desktop devices are in the Desktop_HealthCheck container but maybe I'm entering the OU in an incorrect format?? Sorry I'm such a newb!
Also am using a Windows 7 x64 to run this. Thank you!
 
Last edited:
Back
Top Bottom