Searching for Local User Accounts

by Dec 23, 2013

Did you know that you can actually search for local user accounts, much like you can search for domain accounts?

Here is example code that searches for all local accounts that are enabled and whose name starts with "A":

Add-Type -AssemblyName System.DirectoryServices.AccountManagement

$type = New-Object -TypeName System.DirectoryServices.AccountManagement.PrincipalContext('Machine', $env:COMPUTERNAME)

$UserPrincipal = New-Object System.DirectoryServices.AccountManagement.UserPrincipal($type)

# adjust your search criteria here:
$UserPrincipal.Name = 'A*'
# you can add even more:
$UserPrincipal.Enabled = $true

$searcher = New-Object System.DirectoryServices.AccountManagement.PrincipalSearcher
$searcher.QueryFilter = $UserPrincipal
$results = $searcher.FindAll()

$results | Select-Object -Property Name, LastLogon, Enabled 

Likewise, to find all enabled local accounts with a password that never expires, try this:

Add-Type -AssemblyName System.DirectoryServices.AccountManagement

$type = New-Object -TypeName System.DirectoryServices.AccountManagement.PrincipalContext('Machine', $env:COMPUTERNAME)

$UserPrincipal = New-Object System.DirectoryServices.AccountManagement.UserPrincipal($type)

# adjust your search criteria here:
$UserPrincipal.PasswordNeverExpires = $true
$UserPrincipal.Enabled = $true

$searcher = New-Object System.DirectoryServices.AccountManagement.PrincipalSearcher
$searcher.QueryFilter = $UserPrincipal
$results = $searcher.FindAll()

$results | Select-Object -Property Name, LastLogon, Enabled, PasswordNeverExpires 
