Syntax error How to get the list of local groups using PowerShell?

How to get the list of local groups using PowerShell?

To get the local groups on the windows system using PowerShell, you can use the Get-LocalGroup (Module: Microsoft.PowerShell.LocalAccounts) command. This command will list down all the groups on the particular system.

If we check the properties of this command, it supports Name, Description, ObjectClass (user or group), PrincipalSource (ComputerName – Local or Remote), SID (Security Identifier).

We will select them,

PS C:\> Get-LocalGroup | Select Name, Objectclass, Principalsource,sid
Name                                              ObjectClass PrincipalSource    SID
----                                              -----------  ---------------   ---
LocalAdminGroup                                     Group                         S-1-5-21-
3679408808-4189780139-2861908768-1003
Access Control Assistance Operators                 Group                         S-1-5-32-579
Administrators                                      Group                         S-1-5-32-544
Backup Operators                                    Group                         S-1-5-32-551
Certificate Service DCOM Access                     Group                         S-1-5-32-574
Cryptographic Operators                             Group                         S-1-5-32-569
Distributed COM Users                               Group                         S-1-5-32-562
Event Log Readers                                   Group                         S-1-5-32-573
Guests                                              Group                         S-1-5-32-546
Hyper-V Administrators                              Group                         S-1-5-32-578
IIS_IUSRS                                           Group                         S-1-5-32-568

You can retrieve the Local Groups information on the remote system using the Invoke-Command method.

Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{ Get-LocalGroup}

Please note − This command supports from the PS version 5.1 onwards. For the earlier versions, we can use the cmd command “Net LocalGroup”. For example,

PS C:\Users\Administrator> net localgroup
Aliases for \ADDC
------------------------------------------------------------------
*Access Control Assistance Operators
*Account Operators
*Administrators
*Allowed RODC Password Replication Group
*Backup Operators
*Cert Publishers
*Certificate Service DCOM Access
*Cryptographic Operators
*Denied RODC Password Replication Group
*Distributed COM Users
*DnsAdmins
*Event Log Readers
*Guests
*Hyper-V Administrators
*IIS_IUSRS
*Incoming Forest Trust Builders
*LocalAdminGroup
*Network Configuration Operators
*Performance Log Users
*Performance Monitor Users
*Pre-Windows 2000 Compatible Access
*Print Operators
*RAS and IAS Servers
*RDS Endpoint Servers

On the remote server,

Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{Net localgroup}

Please note − To run the above command, Remote servers must use the PowerShell version 5.1 or the advanced.

Updated on: 2020-11-02T10:43:50+05:30

14K+ Views

Kickstart Your Career

Get certified by completing the course

Get Started
Advertisements