Utilizing PowerShell I'm trying to get a list of users/group which have Remote Desktop User permissions to be able to log onto a Server.
I can utilise "net localgroup" to get a list of the groups/users with Remote Desktop User Permissions:
PS C:\Users\pal.test> net localgroup "Remote Desktop Users" Alias name Remote Desktop Users Comment Members in this group are granted the right to logon remotely
Members
PAL\kron.pal
PAL\PAL-VPN-Clients
The command completed successfully.
However if I run this command and output to a variable I get all the headings included:
PS C:\Users\pal.test> $RDPUsers = net localgroup "Remote Desktop Users"
PS C:\Users\pal.test> write-host $RDPUsers
Alias name Remote Desktop Users Comment Members in this group are granted the right to logon remotely Member s ------------------------------------------------------------------------------- PAL\kron.pal PAL\PAL-VPN-Client
The command completed successfully.
For other commands like "Get-WMIObject" I would utilise "| Select-Object -ExpandProperty Members to filter the property and select only the property values. However if I use this get either a blank output or an error when I try to use -ExpandProperty:
PS C:\Users\pal.test> net localgroup "Remote Desktop Users" | Select-Object -ExpandProperty Members
Select-Object : Property "Members" cannot be found.
At line:1 char:41
net localgroup "Remote Desktop Users" | Select-Object -ExpandProperty Members
+ CategoryInfo : InvalidArgument: (Alias name Remote Desktop Users:PSObject) [Select-Object], PSArgumentException + FullyQualifiedErrorId ExpandPropertyNotFound,Microsoft.PowerShell.Commands.SelectObjectCommand
Is there a better way to list the users/groups in Windows Server 2008/2012/2016 than using "net localgroup"?
If not how do you filter the output of "net localgroup"?
Thanks Lee_Dailey; your solution was very close to what I needed. I found however that PowerShell 2.0 on Windows 2008 doesn't have the 'skiplast' option as part of the "Select-Object" option.
I did use your code as the basis of alternative solution to avoid the 'skiplast' option no being available in PowerShell 2.0 on Windows 2008.
PS C:\Users\pal.test> net localgroup "Remote Desktop Users" | where {$_ -AND $_ -notmatch "command completed successfully"} | select -skip 4
PAL\kron.pal
PAL\PAL-VPN-Client