标签:style os io strong for ar art cti
获取本地管理员组用户
方法一:
$strComputer = $env:COMPUTERNAME
$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$Group = $computer.psbase.children.find("Administrators") #可以自定义组名称
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", ‘GetProperty‘, $null, $_, $null)}
$members
方法二:
[string]$computerName = $env:ComputerName
$computer = [ADSI]"WinNT://$computerName"
$admingroup="administrators" #可以自定义组名称
$group = [ADSI]"WinNT://$computerName/$admingroup"
$members = $group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", ‘GetProperty‘, $null, $_, $null)}
$members
方法三:
$group = [ADSI]“WinNT://./administrators,group”
$members = $group..psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", ‘GetProperty‘, $null, $_, $null)}
$members
通过 $members.Contains("$user") 判断是否包含 $user,返回 true 则为真。
方法四(批处理):
net localgroup administrators
方法五(将vbs转换为powershell):这个没有成功,应该是可以的
[reflection.assembly]::LoadWithPartialName("‘Microsoft.VisualBasic")
$a= [Microsoft.VisualBasic.Interaction]::GetObject("WinNT://./Administrators")
$a|%{$_.GetType().InvokeMember("Name", ‘GetProperty‘, $null, $_, $null)}
结果为: administrators
判断当前登录用户是否属于管理员组:
当前用户是否属于管理员组:
方法一:
$currentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
(New-Object Security.Principal.WindowsPrincipal $currentUser).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
方法二:
whoami /groups /fo CSV | ConvertFrom-Csv | where { $_.SID -eq ‘S-1-5-32-544‘ }) -ne $nul
whoami /groups
获取本地用户:
gwmi win32_useraccount
获取本地组:
gwmi win32_group
ADSI删除用户:
$User = [ADSI]"WinNT://$computerName"
$user.Delete("User",$userName)
添加用户:
net user abc abcpassword /add
net localgroup administrators abc /add
删除Administrator以外的所有管理员账户(.vbs):
strComputer = "."
On Error Resume Next
Set oGroupAdm = GetObject("WinNT://" & strComputer & "/Administrators")
For Each oAdmGrpUser In oGroupAdm.Members
sAdmGrpUser = LCase(oAdmGrpUser.Name)
REM MsgBox sAdmGrpUser
If (sAdmGrpUser <> "administrator") And (sAdmGrpUser <> "domain admins") And (sAdmGrpUser <> "administrator") Then
MsgBox sAdmGrpUser
oGroupAdm.Remove oAdmGrpUser.ADsPath
End if
Next
标签:style os io strong for ar art cti
原文地址:http://www.cnblogs.com/dreamer-fish/p/3915631.html