概述:在 Power Shell 中获取本地用户和组,以及组成员
获取本地相关的命令
PS C:\Users\holdy> get-command -name *local*
# 输出如下所示:
# CommandType Name Version Source
# ----------- ---- ------- ------
# Function Enable-BCLocal 1.0.0.0 BranchCache
# Function Get-DscLocalConfigurationManager 1.1 PSDesiredStateConfiguration
# Cmdlet Add-LocalGroupMember 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Disable-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Enable-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Get-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Get-LocalGroupMember 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Get-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Get-WinSystemLocale 2.1.0.0 International
# Cmdlet Import-LocalizedData 3.1.0.0 Microsoft.PowerShell.Utility
# Cmdlet New-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet New-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Remove-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Remove-LocalGroupMember 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Remove-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Rename-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Rename-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Set-DscLocalConfigurationManager 1.1 PSDesiredStateConfiguration
# Cmdlet Set-LocalGroup 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Set-LocalUser 1.0.0.0 Microsoft.PowerShell.LocalAccounts
# Cmdlet Set-WinSystemLocale 2.1.0.0 International获取本地用户
PS C:\Users\holdy> Get-LocalUser
# Name Enabled Description
# ---- ------- -----------
# Administrator False 管理计算机(域)的内置帐户
# DefaultAccount False 系统管理的用户帐户。
# defaultuser100001 True
# Guest False 供来宾访问计算机或访问域的内置帐户
# holdy True
# localtest True
# localtestEmpty True
# localtestEmpty1 True
# WDAGUtilityAccount False 系统为 Windows Defender 应用程序防护方案管理和使用的用户帐户。获取本地管理员组
PS C:\Users\holdy> Get-LocalGroup Administrators
# Name Description
# ---- -----------
# Administrators 管理员对计算机/域有不受限制的完全访问权获取本地管理员组成员
PS C:\Users\holdy> Get-LocalGroupMember Administrators
# ObjectClass Name PrincipalSource
# ----------- ---- ---------------
# 用户 MONTARIUS-WIN11\Administrator Local
# 用户 MONTARIUS-WIN11\holdy MicrosoftAccount获取本地用户组
PS C:\Users\holdy> Get-LocalGroup users
# Name Description
# ---- -----------
# Users 防止用户进行有意或无意的系统范围的更改,但是可以运行大部分应用程序获取本地用户组成员
PS C:\Users\holdy> Get-LocalGroupMember users
# ObjectClass Name PrincipalSource
# ----------- ---- ---------------
# 用户 MONTARIUS-WIN11\holdy MicrosoftAccount
# 用户 MONTARIUS-WIN11\localtest Local
# 用户 MONTARIUS-WIN11\localtestEmpty Local
# 用户 MONTARIUS-WIN11\localtestEmpty1 Local
# 组 NT AUTHORITY\Authenticated Users Unknown
# 组 NT AUTHORITY\INTERACTIVE Unknown