Powershell Remoting¶
Enable PSRemoting remotely¶
1 2 3 4 5 6 7 8 9 | $FormatEnumerationLimit=-1 $servers = (Get-ADComputer -Filter { Enabled -eq $true }).Name # If alternate credential required # $cred = Get-Credential foreach ($server in $servers){ Invoke-WmiMethod -ComputerName $server -Namespace root\cimv2 -Class Win32_Process -Name Create -Impersonation 3 -EnableAllPrivileges -ArgumentList "powershell Start-Process powershell -Verb runAs -ArgumentList 'Enable-PSRemoting –force'" # -Credential $cred } |
Get Remote Servers Local Administrators¶
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | Get-ADComputer -Filter { OperatingSystem -Like 'Windows*Server*' -and Enabled -eq $true } | ForEach-Object -Process { Invoke-Command -cn $_.Name -EA 0 -ScriptBlock { $members = net.exe localgroup administrators | Where-Object -FilterScript { $_ -AND $_ -notmatch 'command completed successfully' } | Select-Object -Skip 4 New-Object -TypeName PSObject -Property @{ Computername = $env:COMPUTERNAME Group = 'Administrators' Members = $members } } | Select-Object -Property ComputerName,Members | Out-String -Width 1500 } |
Remove Domain Admins Group From Remote Servers Local Administrators¶
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | Get-ADComputer -SearchBase 'DC=domain,DC=local' -Filter { OperatingSystem -Like 'Windows*Server*' -and Enabled -eq $true } | Where-Object -FilterScript { $_.DistinguishedName -notlike '*OU=Domain Controllers*' } | ForEach-Object -Process { Invoke-Command -cn $_.Name -EA 0 -ScriptBlock { $ComputerName = $env:COMPUTERNAME if ([bool](Get-LocalGroupMember -Group 'Administrators' -Member 'domain\Server Admins' -ErrorAction SilentlyContinue)) { if ([bool](Get-LocalGroupMember -Group 'Administrators' -Member 'domain\Domain Admins' -ErrorAction SilentlyContinue)) { Remove-LocalGroupMember -Group 'Administrators' -Member 'Domain Admins' -Confirm:$false -WhatIf Write-Host "Domain Admins Group was removed from BULTIN\Administrators group on server $ComputerName" -ForegroundColor Green } else { Write-Host "Domain Admins Group is not a member of BULTIN\Administrators group on server $ComputerName" -ForegroundColor Yellow } } else { Write-Host "Tool Division - Server Admins Group is not a member of BULTIN\Administrators group on server $ComputerName" -ForegroundColor Red } } } |