Any good IT Pro knows that giving users local administrator rights is a no-no. Some organizations are continually trying to clean up the sins of the past. Over half of today’s security exploits could be mitigated just by removing local administrator rights.
If you need to identify if a certain computer account exists as a local Administrator, use the following PowerShell script.
If the user DOES NOT exist in the local administrator group, the script will return FALSE. If the user DOES exist in the local administrator group, it will return TRUE. To customize the script to reflect the specific name you are looking for, replace EnterUserName with the name you need to scan for.
Script:
$ComputerName = $env:COMPUTERNAME
$Group = ‘Administrators’
#$UserScan = ‘Administrator’
$UserScan = ‘EnterUserName’
$UserExists = [bool](Get-WmiObject -Class Win32_GroupUser -ComputerName $ComputerName |
Where-Object {$_.GroupComponent -match $Group -and
$_.PartComponent.Contains($UserScan)})
$UserExists
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!
