Local Administrators Report Tool
The local Admin Report Tool will scan remote computers and report accounts that are a member of the local administrator’s group. This tool makes it easy to report which users have local administrator rights on their devices.Download Free Trial
- Find who has local administrator rights
- Scan all local groups
- Export to CSV, Excel or PDF
- Fast and easy to use
- Optionally get nested group members from the local admin group
- WMI needs to be allowed inbound. If you have the Windows firewall enabled see Firewall docs for the GPO firewall settings to enable WMI.
- You will need administrator rights on the remote computers.
How to Use the Local Administrators Report Tool
Step 1. Click on “Local Admin Report” from the management tools page.
Step 2. Click Run.
The default search option is the entire domain, click Run to start the scan. To select an OU or group click browse.
The report includes the following columns.
- Computer = The remote computer hostname.
- Group Name = The name of the local group.
- Member Name = The name of the user or group that is a member of the group.
- Object Class = The members object class.
- Principal Source = This indicates if the member is a domain object or local object.
- Status = Computer status.
In the above example, the server SRV09 has the following accounts as a member of the local administrator’s group.
- Administrator (local user object)
- Domain Admins (domain group)
- it_wrk_admins (domain group)
Scan Computers in a Specific OU or Group
To scan computers in a specific OU or group click the browse button.
Now when you run the tool it will only scan the computers from the selected OUs or groups.
Scan Computers from a CSV list.
To scan a list of specific computers you can use a CSV file.
1. Download the CSV template.
2. Enter each computer name in the CSV file.
3. Select your CSV file and click run.
Scan All Local Groups
By default, the tool will only get members from the local administrator group.
To get all groups click the “Show All groups” box.
When you run the tool it will now include all local groups.
Included Nested Group Membership
By default, the tool will get direct members only. To show members of groups click “Include nested groups”
Here is a before screenshot (no nested groups).
Here is a screenshot after enabling “Include nested groups”.
The report now includes all the members of the “it_wrk_admins” group.
Schedule Scans (Automated Reports)
The local admin report tool can be run on an automated schedule with email reports.
1. Click on Scheduler
Note: If you want automated email reports you will first need to configure the email settings.
2. Click on Add and select “Local Admins Report”.
Click Next and complete the steps to create a task.