The Local Group Management Tool is used to get the local groups and group members from remote computers. The most popular use is to get a report of users that have local administrator rights on their computer.
- WMI open on the firewall – instructions below
- Administrator rights
You can use group policy to push these settings out to all computers.
Here are screenshots of the firewall settings.
How to Guide
1. Select Search Options.
You can search the entire domain or pick an OU or group. If you have a large network this report could take a while to complete.
2. Click Run
When you click the run button the tool will query each computer and report the local groups and their members.
If a computer is offline or unable to connect you will see a status of “Unable to connect” for that computer.
How to report users in the local administrator group?
Here is how you can filter for any group. I’ll use the Administrators group in this example.
You could export the list and use excel to filter out any unwanted results. You can also filter it in the tool.
Right click the Group Name column and select “Filter Editor”
Make the filter group name = Administrators
Now it will just display the Administrators group results
You can do even more filtering. There may be some groups you want to filter out like “Domain Admins” because you already know they are an admin on every domain joined computer.
To filter out users or groups create another condition like this
This will filter out any member that is Domain Admins. You can add multiple conditions to the filter. I went ahead and filtered out the local Administrator account.
Now I can export exactly what I need instead of exporting all groups and group members.