Powershell Script Help

You're entering it backwards :)

edit: so the whole command from the prompt would be as follows
Also, make sure the folder where you're saving your log file to exists first (the log file itself doesn't have to exist though)

Code:
.\Detect-LocalAdmin.ps1 -OUPath 'OU=Desktop_HealthCheck,OU=Desktops,OU=Resources,OU=RMT,OU=LS,OU=AMR,OU=IA,DC=corp,DC=org' -LogFilePath 'C:\logs\log.log'
 
Last edited:
I'm still not getting it to work :( When I run it in PowerGUI Script Editor and then start debugging.. It prompts to enter the OU and I entered the correct OU which was 'OU=Desktop_HealthCheck,OU=Desktops,OU=Resources,OU=RMT,OU=LS,OU=AMR,OU=IA,DC=corp,DC=org' and then it threw this error:
C:\Users\admbmace\Desktop\Detect-LocalAdmin-Changes.ps1 : The supplied distinguishedName must belong to one of the following partition(s): 'DC=corp,DC=org ,
CN=Configuration,DC=corp,DC=org , CN=Schema,CN=Configuration,DC=corp,DC=org , DC=ForestDnsZones,DC=corp,DC=org , DC=DomainDnsZones,DC=corp,DC=org'.
At line:1 char:1
+ . 'C:\Users\admbmace\Desktop\Detect-LocalAdmin-Changes.ps1'
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified:(:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Detect-LocalAdmin-Changes.ps1
 
You might need to manually specify a Domain Controller, I've added a -Server parameter for you to fill in too. Example as below, executed from Powershell ISE prompt:

Code:
PS C:\Users\s0ul\scripts> .\Detect-LocalAdmin.ps1 -OUPath 'OU=Department,OU=Computers,DC=corp,DC=org' -Server 'DomainController1.corp.org' -LogFilePath 'C:\temp\log.log'

edit: oops, forgot to attach the script :p there ya go
 

Attachments

  • Detect-LocalAdmin.ps1.txt
    4.2 KB · Views: 1
Spent several days trying to figure that one out! Haha. Is there anyway for the powershell script to notify when someone is removed from the local admin's group? Thanks again S0ULphIRE!
 
I like PS so it's no biggie for me :p plus I never know when I'll end up using a random script or function for real, so could turn out to be useful!

Think that should do it for you anyway - I'm not logging any removals, just emailing a notification for now. Pretty easy to add another column to the log though if you want it to log removals as well.
 

Attachments

  • Detect-LocalAdmin.ps1.txt
    5 KB · Views: 3
Back
Top Bottom