?
Solved

Local PC Admin group audit

Posted on 2014-02-26
4
Medium Priority
?
1,368 Views
Last Modified: 2014-02-27
We have several PC'S and laptop's connected to our Win2k3 active directory domain. We need to find out which users have beeN added to their local machines administrator group.

Is there a way to do this without asking users or without going to each users desktop and laptop or with remoting into each individual PC or Laptop?
0
Comment
Question by:bernardb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 19

Expert Comment

by:helpfinder
ID: 39889836
if you do not need a list of users who are in local admin group on domain computers you can use GPO to define who should be in that group and apply that GPO accross your domain. That wipe all all non authorized users from local admin group.
http://www.grouppolicy.biz/2010/01/how-to-use-group-policy-preferences-to-secure-local-administrator-groups/
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 2000 total points
ID: 39889840
hi,

Please use the LocalAdministratorsMembership script from below site.

http://community.spiceworks.com/scripts/show/78-list-local-administrators-for-a-list-of-computers.
0
 
LVL 5

Expert Comment

by:Pankaj_401
ID: 39891157
Hi Bern,
Any update from above suggestion ?
Alternatively, you can have give a try to this automated option(http://www.activedirectoryauditing.net/) which seems good sound to audit and find out which users have been added to their local machines administrator group. You can collect and analyze all the critical changes made in AD with this software.
0
 

Author Closing Comment

by:bernardb
ID: 39893411
Great script.

Thanks Experts one and all
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many software programs on offer that will claim to magically speed up your computer. The best advice I can give you is to avoid them like the plague, because they will often cause far more problems than they solve. Try some of these "do it…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question