Delete user account that can be logged on to locally giving admin rights

Hi Y'all,
On the network I look after, a lot of PCs have been identified as having a user account that can be logged on to locally giving full admin access to the machine thus bypassing all security measures in place.
I can get rid of this by logging on to the machine as an administrator and deleting the admin rights from the user. This solves the problem but with 600 PCs on the newtork, can anyone point me at a quick solution/script etc that will do the biz?
Ta.
prytaneionAsked:
Who is Participating?
 
armynt4Connect With a Mentor Commented:
I don't have the script handy... BUT... if you are running a Windows Server 2000 + domain...you could create a logon script that would delete the local account or change rights to the account when the computer or user logs onto the domain.  Just add it to the domain users via a GPO.  Let this run on the network for at least a week.  You can then run MSBA from microsoft.com to get reports on all machines and their respective accounts/rights, local and otherwise.

Probably the easiest way to do it.
0
 
Shift-3Commented:
0
 
prytaneionAuthor Commented:
Hi Armyn,
Thanks for the tip - looks good to me. Have accepted your solution but would appreciate the script if you could spare me the time. I've not dabbled too much with this!
Best regards,
Alan.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.