This post will show you how to get a list of Local Administrators on Windows computer. Local administrators have elevated privileges that allow them to make significant changes to the system, install software, modify settings, etc. This makes knowing all the Local Administrators crucial for system administrators.
How to get a list of Local Administrators on Windows computer?
Follow these steps to see all Local Administrators on Windows devices:
Get a list of Local Administrators on a Local Computer
- Open Windows PowerShell as an Admin.
- Now run the following command to view all local administrators on the Windows computer:
Get-LocalGroupMember -Group "Administrators"
- Run this to view the list of local administrators who have administrator privileges:
Get-LocalGroupMember Administrators | Where-Object (Get-LocalUser $_.SID -ErrorAction SilentlyContinue).Enabled
- To view only the Azure AD users, run this:
Get-LocalGroupMember Administrators | Where-Object $_.PrincipalSource -eq "ActiveDirectory" | select PrincipalSource,class,name,SID
Get a list of Local Administrators from a Remote Windows Computer
- For running commands on remote Windows devices, configure PowerShell Remoting and open the TCP 5985 firewall port.
- Next, enable and configure WinRM (PSRemoting) by running the following commands in Windows Powershell:
Enable-PSRemoting –Force $session = New-PSSession -ComputerName "RemoteComputerName"
- Next, run the following command on the remote device to view the list of local admins:
Invoke-Command -ComputerName "RemoteComputerName" -ScriptBlock select Name,ObjectClass,PrincipalSource
- Replace RemoteComputerName with the IP of the remote device.
I hope this helps.
How do I see all administrators in Windows?
To see all admins on Windows devices, open Settings > Accounts > Family & Other people. Here, a list of all users, including administrators, will appear. Alternatively, you run Get-LocalUser in PowerShell to see administrators.
How to remove local admin with cmd?
Open Command Prompt as an administrator and run the “net user username /delete” command. Ensure you type the user’s username to be removed in the command.