Script to get a list of users allowed to connect computer

Question

I would like to inventory the users and groups that are allowed to connect to a computer (interactively or remotely). The computer can be either in a workgroup or in an active directory but primarily in an active directory. If a group has access, I would also like to know which users are members of that group so that I can determine if the user has access granted directly or thanks to a role.

I would like to do it using PowerShell and remotely but I don't know from where to start.

NB: Part of the solution can be found here (who has logged on?)

score 0 · Answer 1 · edited May 23 '17 at 12:41

0

Default groups that can logon locally on a server:

Administrators
Backup Operators
Users

Reference: https://technet.microsoft.com/en-us/library/dn221980%28v=ws.11%29.aspx

Doing it with PowerShell is not easy, a few options listed here: https://stackoverflow.com/questions/934156/setting-log-on-as-a-service-and-allow-logon-locally-with-adsi

edited May 23 '17 at 12:41

Community

1

answered May 17 '16 at 15:28

smwk

197
7

Script to get a list of users allowed to connect computer

1 Answers1