bernardb
asked on
Local PC Admin group audit
We have several PC'S and laptop's connected to our Win2k3 active directory domain. We need to find out which users have beeN added to their local machines administrator group.
Is there a way to do this without asking users or without going to each users desktop and laptop or with remoting into each individual PC or Laptop?
Is there a way to do this without asking users or without going to each users desktop and laptop or with remoting into each individual PC or Laptop?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi Bern,
Any update from above suggestion ?
Alternatively, you can have give a try to this automated option(http://www.activedirectory auditing.n et/) which seems good sound to audit and find out which users have been added to their local machines administrator group. You can collect and analyze all the critical changes made in AD with this software.
Any update from above suggestion ?
Alternatively, you can have give a try to this automated option(http://www.activedirectory
ASKER
Great script.
Thanks Experts one and all
Thanks Experts one and all
http://www.grouppolicy.biz/2010/01/how-to-use-group-policy-preferences-to-secure-local-administrator-groups/