用于在远程服务器上获取用户ID的脚本。 [英] Script to get user ids on remote servers.

查看：80 发布时间：2019/6/16 4:25:10 Offtopic

本文介绍了用于在远程服务器上获取用户ID的脚本。的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

你好......我正在努力吸引本地用户和他们管理员组远程服务器上的用户ID。我得到了一个正在运行的脚本（如下所述），因为我得到了一些帮助（因为我还在学习并且在它上面变得更好），所以我不相信自己。使用
那个脚本时，即使我在一些新的Server 2012服务器上定位，我也会遇到一些错误。

Hi there...I am trying to get local users & admin group user ids on remote servers. I got a script that's working (mentioned below), I dont take credit to myself as I got some assistance in that (as I am still learning and get better at it). While using that script, I got some errors even when I target on some of new Server 2012 servers.

$Output = "C:\Temp\Users-GroupMember\UserInfo.rtf"
$Servers = Get-Content -Path "C:\Temp\Users-GroupMember\Servers.txt"

foreach ($Servers in $Servers)

{
# 1. To get Local Administrators group Members

Write-Output "1. *****Administrators group Members for the Server mentioned above****" |out-file $Output -Append

$localgroup = "Administrators"
$Group= [ADSI]"WinNT://$Servers/$LocalGroup,group" 
$members = $Group.psbase.Invoke("Members")
$members | ForEach-Object { $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) } | Out-File $Output -Append

# 2. Local user information

Write-Output "2. *****Local user information for the Server mentioned above*****" | out-file $Output -Append

$adsi = [ADSI]"WinNT://$Servers"
$adsi.Children | where {$_.SchemaClassName -eq 'user'} | Foreach-Object {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)} | out-file $Output -Append
}

错误，我得到了

Exception calling "Invoke" with "2" argument(s): "The network path was not found
At C:\Temp\Users-GroupMember\Users-GroupMember.ps1:17 char:32

+ FullyQualifiedErrorId : DotNetMethodException
+ CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
+ $members = $Group.psbase.Invoke < <<< ("Members")

当我研究这个错误时，我开始了解这个关于
启用CredSSP 在Windows服务器中（即使是针对vCO powershell插件的那个。）他已经提到了 -

"默认情况下，PowerShell远程处理使用"网络登录"进行身份验证。网络登录通过向远程服务器证明您拥有用户凭据而不将凭证发送到该服务器来工作（请参阅Kerberos和NTLM身份验证）。
因为远程服务器没有您的凭证，所以当您尝试时使第二跳（从服务器A到服务器B）失败，因为服务器A没有凭证来向服务器B进行身份验证。

来解决这个问题问题，PowerShell提供CredSSP（凭据安全支持提供程序）选项。使用CredSSP时，PowerShell将执行"网络清除文本登录"而不是"网络登录"。网络明文登录的工作原理是将用户的
明文密码发送到远程服务器。使用CredSSP时，服务器A将被发送用户的明文密码，因此可以向服务器B进行身份验证。双跃点工作！"
$

可以如果我们需要在服务器2012服务器上也这样做，请分享您的想法。

When I was researching about this error, I came to know about this blog about enabling CredSSP in Windows servers (even though that for vCO powershell plugin. In that he had mentioned –

"By default, PowerShell remoting authenticates using a "Network Logon". Network Logons work by proving to the remote server that you have possession of the users credential without sending the credential to that server (see Kerberos and NTLM authentication). Because the remote server doesn't have possession of your credential, when you try to make the second hop (from Server A to Server B) it fails because Server A doesn't have a credential to authenticate to Server B with.

To get around this issue, PowerShell provides the CredSSP (Credential Security Support Provider) option. When using CredSSP, PowerShell will perform a "Network Clear-text Logon" instead of a "Network Logon". Network Clear-text Logon works by sending the user's clear-text password to the remote server. When using CredSSP, Server A will be sent the user's clear-text password, and will therefore be able to authenticate to Server B. Double hop works!"

Can you pls share you thoughts if we need to do the same in server 2012 servers as well.

用于在远程服务器上获取用户ID的脚本。 [英] Script to get user ids on remote servers.

问题描述

推荐答案

相关文章

其他开发语言最新文章

热门教程

热门工具

登录关闭

用于在远程服务器上获取用户ID的脚本。 [英] Script to get user ids on remote servers.

问题描述

推荐答案

相关文章

其他开发语言最新文章

热门教程

热门工具

登录 关闭

登录关闭