You are here: Blog

Remove Local Administrators

Saturday, 28 May 2022 04:15

-created gpo c-administrators-local
-added companylocaladmin & added domain admins
-added %DOMAINNAME%\AdminLocal.%COMPUTERNAME%
-linked to test ou
-created OU: DIV > _LocalResources > GroupsAdminLocal

For POC:
-created group: AdminLocal.SYSTEM-155
-added test account to the group.
-gpupdate /force /target:computer
-gpresult /r /scope:computer

To filter:
Get-WmiObject -Class Win32_GroupUser | Select-Object GroupComponent,PartComponent,PSComputerName
Get-WmiObject -Class Win32_GroupUser -Filter "GroupComponent=""Win32_Group.Domain='LT-LOCATION-073',Name='Administrators'""" |Select-Object GroupComponent,PartComponent,PSComputerName
Get-WmiObject -Class Win32_Group
Get-WmiObject -Class Win32_Group -Filter "Domain='DOMAIN-HERE'"
Get-WmiObject -Class Win32_Group -filter "Domain='DOMAIN-HERE' AND Name='Domain Admins'"
Get-WmiObject -Class Win32_Group -filter "Domain='%DomainName%' AND Name='AdminLocal.%ComputerName%'"

Test:
-start > run
-wbemtest
-click CONNECT
-for local: root\cimv2
-for remote: \\SYSTEM-NAME\root\cimv2
(add account with domain admin privledges)

NOTES:
https://community.spiceworks.com/how_to/907-gpo-to-push-out-local-administrators-across-a-domain
https://www.grouppolicy.biz/2010/01/how-to-use-group-policy-preferences-to-secure-local-administrator-groups/

Contact Dak Networks

We are not taking on new clients at this time.

Contact: click to contact us.
Website: www.daknetworks.com

Top

daknetworks.com

Remove Local Administrators

Contact Dak Networks