# Users, Groups, Computers Enumeration ### **Get Information of domain controller** ``` Get-NetDomainController Get-NetDomainController | select-object Name ``` ### **Get information on users in the domain** ``` Get-NetUser Get-NetUser -Username ``` ### **Get the list of all users** ``` Get-NetUser | select samaccountname ``` ### **Get the list of usernames, last logon, and password last set** ``` Get-NetUser | select samaccountname, lastlogon, pwdlastset Get-NetUser | select samaccountname, lastlogon, pwdlastset | Sort-Object -Property lastlogon ``` ### **Get the list of usernames and their groups** ``` Get-NetUser | select samaccountname, memberof ``` ### **Get the list of all properties for users in the current domain** ``` get-userproperty -Properties pwdlastset ``` ### **Get description field from the user** ``` Find-UserField -SearchField Description -SearchTerm "built" Get-netuser | Select-Object samaccountname,description ``` ### **Get computer information** ``` Get-NetComputer Get-NetComputer -FullData Get-NetComputer -Computername -FullData ``` ### **Get computers with operating system ""** ``` Get-NetComputer -OperatingSystem "*Server 2016*" ``` ### **Get the list of all computer names and operating systems** {% code overflow="wrap" %} ``` Get-NetComputer -fulldata | select samaccountname, operatingsystem, operatingsystemversion ``` {% endcode %} ### **List all groups of the domain** ``` Get-NetGroup Get-NetGroup -GroupName *admin* Get-NetGroup -Domain ``` ### **Get all the members of the group** ``` Get-NetGroupMember -Groupname "Domain Admins" -Recurse Get-NetGroupMember -Groupname "Domain Admins" -Recurse | select MemberName ``` ### **Get the group membership of a user** ``` Get-NetGroup -Username ``` ### **List all the local groups on a machine (needs admin privs on non dc machines)** ``` Get-NetlocalGroup -Computername -ListGroups ``` ### **Get a Member of all the local groups on a machine (needs admin privs on non dc machines)** ``` Get-NetlocalGroup -Computername -Recurse ``` ### **Get actively logged users on a computer (needs local admin privs)** ``` Get-NetLoggedon -Computername ``` ### **Get locally logged users on a computer (needs remote registry rights on the target)** ``` Get-LoggedonLocal -Computername ``` ### **Get the last logged users on a computer (needs admin rights and remote registry on the target)** ``` Get-LastLoggedOn -ComputerName ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://crtp-certification.certs-study.com/domain-enumeration/users-groups-computers-enumeration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.