获取域内所有计算机本地管理员组内成员的POWESHELL CMDLET

$strFilter = "computer"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.SearchScope = "Subtree"
$objSearcher.PageSize = 1000

$objSearcher.Filter = "(objectCategory=$strFilter)"

$colResults = $objSearcher.FindAll()

foreach ($i in $colResults)
{

$objComputer = $i.GetDirectoryEntry()
$strComputer = $objComputer.name

# If machine is up (True if any pings succeed and False if all failed) then carry on

if (test-connection -computername $strComputer -quiet)
{

$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
#$computer.name
$Group = $computer.psbase.children.find("administrators")
#$Group.name

# This will list what’s currently in Administrator Group so you can verify the result

function ListAdministrators
{
$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("AdsPath", 'GetProperty', $null, $_, $null)}
$memclas= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Class", 'GetProperty', $null, $_, $null)}
for($counter = 0; $counter -lt $members.count; $counter++) { [array]$result += "$($members[$counter]),$($memclas[$counter])" ; }
$result
}

Write-Host Server Name:
write-Host "`r`n"
$objComputer.dnsHostname
#Write-Host Administrators:
foreach($item in (ListAdministrators))
{
$ads  = (($item.Split(","))[0])
$type = (($item.Split(","))[1])
#Write-Host "AdsPath    : $($item)"
Write-Host "`r`n Name (Type): $(($ads.Split("/"))[-1]) ($($type))"
#Write-Host "Computer (Domain): $(($ads.Split("/"))[-2]) ($(($ads.Split("/"))[-3]))"
}
write-Host "`r`n"
Write-Host "++++++++++++++++++++++++"
}
}