Solved

Local PC Admin group audit

Posted on 2014-02-26
4
1,338 Views
Last Modified: 2014-02-27
We have several PC'S and laptop's connected to our Win2k3 active directory domain. We need to find out which users have beeN added to their local machines administrator group.

Is there a way to do this without asking users or without going to each users desktop and laptop or with remoting into each individual PC or Laptop?
0
Comment
Question by:bernardb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 39889836
if you do not need a list of users who are in local admin group on domain computers you can use GPO to define who should be in that group and apply that GPO accross your domain. That wipe all all non authorized users from local admin group.
http://www.grouppolicy.biz/2010/01/how-to-use-group-policy-preferences-to-secure-local-administrator-groups/
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 39889840
hi,

Please use the LocalAdministratorsMembership script from below site.

http://community.spiceworks.com/scripts/show/78-list-local-administrators-for-a-list-of-computers.
0
 
LVL 5

Expert Comment

by:Pankaj_401
ID: 39891157
Hi Bern,
Any update from above suggestion ?
Alternatively, you can have give a try to this automated option(http://www.activedirectoryauditing.net/) which seems good sound to audit and find out which users have been added to their local machines administrator group. You can collect and analyze all the critical changes made in AD with this software.
0
 

Author Closing Comment

by:bernardb
ID: 39893411
Great script.

Thanks Experts one and all
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question