PUDAdminCenterPrototype

0.2.5

Public/Get-LocalGroupUsers.ps1

                                <#

    .SYNOPSIS

        Get users belong to group.

    .DESCRIPTION

        Get users belong to group. The supported Operating Systems are Window Server 2012,

        Windows Server 2012R2, Windows Server 2016.

    .NOTES

        This function is pulled directly from the real Microsoft Windows Admin Center

        PowerShell scripts use rights (according to Microsoft):

        We grant you a non-exclusive, royalty-free right to use, modify, reproduce, and distribute the scripts provided herein.

        ANY SCRIPTS PROVIDED BY MICROSOFT ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,

        INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS OR A PARTICULAR PURPOSE.

    .ROLE

        Readers

    .PARAMETER group

        This parameter is MANDATORY.

        TODO

    .EXAMPLE

        # Open an elevated PowerShell Session, import the module, and -

        PS C:\Users\zeroadmin> Get-LocalGroupUsers -group Administrators

#>

function Get-LocalGroupUsers {

    param (

        [Parameter(Mandatory = $true)]

        [String]

        $group

    )

    # ADSI does NOT support 2016 Nano, meanwhile Get-LocalGroupMember does NOT support downlevel and also has bug

    $ComputerName = $env:COMPUTERNAME

    try {

        $groupconnection = [ADSI]("WinNT://localhost/$group,group")

        $contents = $groupconnection.Members() | ForEach-Object {

            $path=$_.GetType().InvokeMember("ADsPath", "GetProperty", $NULL, $_, $NULL)

            # $path will looks like:

            #   WinNT://ComputerName/Administrator

            #   WinNT://DomainName/Domain Admins

            # Find out if this is a local or domain object and trim it accordingly

            if ($path -like "*/$ComputerName/*"){

                $start = 'WinNT://' + $ComputerName + '/'

            }

            else {

                $start = 'WinNT://'

            }

            $name = $path.Substring($start.length)

            $name.Replace('/', '\') #return name here

        }

        return $contents

    }

    catch { # if above block failed (say in 2016Nano), use another cmdlet

        # clear existing error info from try block

        $Error.Clear()

        #There is a known issue, in some situation Get-LocalGroupMember return: Failed to compare two elements in the array.

        $contents = Get-LocalGroupMember -group $group

        $names = $contents.Name | ForEach-Object {

            $name = $_

            if ($name -like "$ComputerName\*") {

                $name = $name.Substring($ComputerName.length+1)

            }

            $name

        }

        return $names

    }

}