Easily Remove Local Admin Rights
with AD Pro Toolkit
Scan domain computers to list all members of the local administrators group.
REMOVE local admin rights on multiple remote computers.

Key Features
Enhance Security and Ensure Compliance Requirements
Removing local admin rights reduces the risk of malware, ransomware and unauthorized changes
to the computer. It enforces the principle of least privilege to help ensure compliance with your organizations policies.
List Local Administrators
Scan remote computers to list users that have local admin rights
Remove Admin Rights
Remotely remove users from the local administrators group
Export Report
Export the members of the local administrators group to csv.
Include Nested Groups
List the members of nested groups to get a complete list of admins.
Show All Groups
Get a list of members of all local groups such as RDP users or backup operators.
Local & Domain Users
Get both local and domain user/groups that have admin rights
Steps to find and remove local admin rights
- Click on Security Tools > Local Admins Report
- Select an OU or leave as default to scan the entire domain
- Click “Run” to start the scan.
- Select the accounts you want to remove from the administrators group and click “Remove member”.
Note: You can filter and search the report to find specific users on multiple computers.

Requirements
- WMI needs to be open inbound on the target computers.