Script to list admin users on Windows devices

Identifying all local administrators on the device aids in user management, enabling IT administrators to modify user privileges as the roles and requirements change over time. Moreover, the permissions extended on the device for a user as the local administrator should also be managed. For instance, the ability to create a user account lets them create other accounts (both standard and administrator) that may or may not be misused. You can reconsider who can extend such administrator-based privileges on the devices from time to time. Therefore, regular monitoring of users with administrative privileges is essential to maintain the security and integrity of the system.

All users with admin privileges can be easily fetched by deploying the script to list admin users using the Hexnode’s Execute Custom Script action.

Scripts to list user with admin privileges

Below are the scripts to list admin users on a Windows device:

PowerShell

The PowerShell script fetches and displays users/groups with administrator privileges on a Windows system. It first retrieves the members of the “Administrators” local group using the Get-LocalGroupMember cmdlet and stores them in the $adminGroup variable. Then, it outputs the names of these users in the Action History in the Hexnode UEM console.

Batch

When executed, this batch script fetches and displays the list of users and groups in the Action History in the Hexnode UEM console who are members of the “Administrators” group, indicating who has administrative access on the system.

net: This is the command-line tool used to manage network resources in Windows.

localgroup: This is a subcommand of net that allows you to manage local groups on the system.

Administrators: This is the name of the local group whose members you want to list. In this case, it refers to the built-in Windows group “Administrators“, which typically contains users and groups with administrative privileges.