How to determine which devices have the user as a local admin?

Would like to first determine which devices have the employee as a local admin and then remove those rights. I see script for the Removal of Admin Rights but I need to know how to determine which ones have that scenario. Is there a process already establish for this?

0 Comments   [ + ] Show comments

Answers (2)

Posted by: Ericenri 4 years ago
Senior Purple Belt
Hello, You would need to create a Custom Inventory Rule to accomplish this, executing maybe a wmic command or a VBS script. You could use this with ShellCommandReturnText (cmd /c NET LOCALGROUP Administrators) on a Custom Inventory Rules or distribute a BAT with the follow:

    FOR /F "delims=[]" %%A IN ('NET LOCALGROUP Administrators ˆ| FIND /N "----"') DO SET HeaderLines=%%A
    FOR /F "tokens=*"  %%A IN ('NET LOCALGROUP Administrators') DO SET FooterLine=%%A
    NET LOCALGROUP Administrators | MORE /E +%HeaderLines% | FIND /V "%FooterLine%"

Then execute the ShellComandReturnText
Posted by: SMal.tmcc 4 years ago
Red Belt
see this to create the CIR's

then all you need is a kscript to run a
net user [<UserName> [/delete]]

if you want to remove admin rights from the current logged in user you can us this script (run as system)

if you want to add admin rights from the current logged in user you can us this script (run as system)

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ