Find Users with Local Administrator Rights
The local administrator report tool will scan domain computers and show you the members of the local administrator group. It is a quick and easy way to audit who has local admin rights on their computer.
Note: To automate this report, see the Automation Guides.
Requirements
- WMI needs to be allowed inbound. If you have the Windows firewall enabled, see the Firewall docs for the GPO firewall settings to enable WMI.
- You will need administrator rights on the remote computers.
Step 1: Open Local Admin Report
Click on “Local Admin Report” from the “Security Tools” page.
Step 2: Select path and click Run
- The default search option is the entire domain. Click Run to start the scan. To select an OU or group, click Browse.
- You can also use a CSV file with a list of computer names to scan.
The report includes the following columns.
- Computer = The remote computer hostname.
- Group Name = The name of the local group.
- Member Name = The name of the user or group that is a member of the group.
- Object Class = The member's object class.
- Principal Source = Indicates whether the member is a domain object or a local object.
- Status = Computer status.
Step 3: Review the Local Admin Report
Report Example.
In the above example, the server SRV09 has the following accounts as members of the local administrators group.
- Administrator (local user object)
- Domain Admins (domain group)
- it_wrk_admins (domain group)
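One way to review the report against an approved baseline, as an added example that is not part of the tool. It assumes the report rows are available as CSV text with the column names listed above; the sample rows, the Principal Source and Status values, the baseline and the function name Get-LocalAdminFinding are constructed for illustration.

```powershell
# Constructed sample rows using the report's column names; values are not real tool output.
$reportCsv = @'
Computer,Group Name,Member Name,Object Class,Principal Source,Status
SRV09,Administrators,Administrator,User,Local,Online
SRV09,Administrators,Domain Admins,Group,ActiveDirectory,Online
SRV09,Administrators,it_wrk_admins,Group,ActiveDirectory,Online
PC01,Administrators,Domain Admins,Group,ActiveDirectory,Online
PC01,Administrators,jsmith,User,ActiveDirectory,Online
PC02,Administrators,helpdesk_tmp,User,Local,Online
PC03,,,,,Offline
'@

# Hypothetical baseline, keyed as "Principal Source|Member Name" so a local
# account cannot pass by sharing a name with an approved domain group.
$approved = @(
    'Local|Administrator'
    'ActiveDirectory|Domain Admins'
    'ActiveDirectory|it_wrk_admins'
)

function Get-LocalAdminFinding {
    param(
        [Parameter(Mandatory)] [object[]] $Row,
        [Parameter(Mandatory)] [string[]] $Approved
    )
    foreach ($r in $Row) {
        $member = $r.'Member Name'
        $source = $r.'Principal Source'
        if ([string]::IsNullOrWhiteSpace($member)) {
            # No members returned: the computer was not audited, which is not the same as clean.
            $reason = "Not audited (status: $($r.Status))"
        }
        elseif ("$source|$member" -in $Approved) { continue }
        elseif ($source -eq 'Local') { $reason = 'Unapproved local account' }
        elseif ($r.'Object Class' -eq 'Group') { $reason = 'Unapproved domain group; check its nested members' }
        else { $reason = 'Unapproved domain user added directly' }

        [pscustomobject]@{
            Computer = $r.Computer
            Member   = $member
            Source   = $source
            Reason   = $reason
        }
    }
}

$rows = $reportCsv | ConvertFrom-Csv
Get-LocalAdminFinding -Row $rows -Approved $approved | Format-Table -AutoSize
```

Approved rows are dropped, so what remains is the review list: unapproved members and computers that returned no membership data.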
Scan Computers in a Specific OU or Group
To scan computers in a specific OU or group, click the Browse button.
Now when you run the tool it will only scan the computers from the selected OUs or groups.
Scan Computers from a CSV list
To scan a list of specific computers, you can use a CSV file.
- Download the CSV template.
- Enter each computer name in the CSV file.
- Select your CSV file and click Run.
Scan All Local Groups
By default, the tool will only get members from the local administrator group.
To get all groups, click the “Show All groups” box.
When you run the tool it will now include all local groups.
Include Nested Group Membership
By default, the tool will get direct members only. To show the members of groups that are themselves members, click “Include nested groups”.
Here is a before screenshot (no nested groups).
Here is a screenshot after enabling “Include nested groups”.
The report now includes all the members of the “it_wrk_admins” group.