Search code examples
powershell

PowerShell Filtering the Output of Remote Desktop Users Group

Utilizing PowerShell I'm trying to get a list of users/group which have Remote Desktop User permissions to be able to log onto a Server.

I can utilise "net localgroup" to get a list of the groups/users with Remote Desktop User Permissions:

PS C:\Users\pal.test> net localgroup "Remote Desktop Users" Alias name Remote Desktop Users Comment Members in this group are granted the right to logon remotely

Members

PAL\kron.pal
PAL\PAL-VPN-Clients
The command completed successfully.

However if I run this command and output to a variable I get all the headings included:

PS C:\Users\pal.test> $RDPUsers = net localgroup "Remote Desktop Users"

PS C:\Users\pal.test> write-host $RDPUsers

Alias name Remote Desktop Users Comment Members in this group are granted the right to logon remotely Member s ------------------------------------------------------------------------------- PAL\kron.pal PAL\PAL-VPN-Client
The command completed successfully.

For other commands like "Get-WMIObject" I would utilise "| Select-Object -ExpandProperty Members to filter the property and select only the property values. However if I use this get either a blank output or an error when I try to use -ExpandProperty:

PS C:\Users\pal.test> net localgroup "Remote Desktop Users" | Select-Object -ExpandProperty Members

Select-Object : Property "Members" cannot be found.

At line:1 char:41

  • net localgroup "Remote Desktop Users" | Select-Object -ExpandProperty Members

  • + CategoryInfo          : InvalidArgument: (Alias name     Remote Desktop Users:PSObject) [Select-Object], PSArgumentException

+ FullyQualifiedErrorId ExpandPropertyNotFound,Microsoft.PowerShell.Commands.SelectObjectCommand

Is there a better way to list the users/groups in Windows Server 2008/2012/2016 than using "net localgroup"?

If not how do you filter the output of "net localgroup"?

Solution

  • Thanks Lee_Dailey; your solution was very close to what I needed. I found however that PowerShell 2.0 on Windows 2008 doesn't have the 'skiplast' option as part of the "Select-Object" option.

    I did use your code as the basis of alternative solution to avoid the 'skiplast' option no being available in PowerShell 2.0 on Windows 2008.

    PS C:\Users\pal.test> net localgroup "Remote Desktop Users" | where {$_ -AND $_ -notmatch "command completed successfully"} | select -skip 4
PAL\kron.pal
PAL\PAL-VPN-Client