There's a HINV extension someone wrote, probably Ms. Kissinger. It puts the membership of all local groups into a WMI class and HINV collects it.
BAM! http://myitforum.com/cs2/blogs/skissinger/archive/2010/04/25/report-on-all-members-of-all-local-groups.aspx This works great for us, I have a little report that spits out all users in local admins by workstation name. Ivan Lindenfeld From: [email protected] [mailto:[email protected]] On Behalf Of Roland Janus Sent: Tuesday, July 14, 2015 3:51 PM To: [email protected] Subject: RE: [mssms] OT: Get if user is an admin Bump. No one? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Roland Janus Sent: Samstag, 11. Juli 2015 15:34 To: [email protected]<mailto:[email protected]> Subject: [mssms] OT: Get if user is an admin You know how to get that information? I'm not asking if the user has admin rights currently, considering also UAC, but if it is through any group, local or domain, part of the local admin group and potentially can get admin rights (UAC) Something like this only working locally when started as the user itself: whoami /groups which works in a domain through domain groups: BUILTIN\Administrators Alias S-1-5-32-544 Now the catch, also against a remote machine. I know the remote user account, but is that user a member of local administrators through any group membership? I haven't found anything useful, preferable in powershell. At the end I just need true or false. It's for a tool, connecting to a remote computer, retrieving the currently logged on user, but I can't get the information if that user is a local admin. Have I explained what I'm looking for good enough? :) Any ideas? -R ________________________________ NOTICE: The information contained in this message is proprietary and/or confidential and may be privileged. If you are not the intended recipient of this communication, you are hereby notified to: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately.
