Get Local Administrators Group Members Using PowerShell

To get the local Administrators group members using PowerShell, you need to use the GetLocalGroupMember command. This command is available in PowerShell version 5.1 onwards and the module for it is Microsoft.PowerShell.LocalAccounts. This module is not available in the 32-bit PowerShell version but on a 64-bit system.

In the below example, we need to retrieve the Local Administrators group members,

Example

Get-LocalGroupMember -Group "Administrators"

Output

ObjectClass    Name          PrincipalSource
-----------    ----          ---------------
User          LABDOMAIN\delta
Group         LABDOMAIN\Domain Admins
User          TEST1-WIN2K12\Administrator
User          TEST1-WIN2K12\LocalAdmin

Name Property shows the members of the local administrator groups. To retrieve the local Administrators group members from the remote servers, we need to use the Invoke-Command method.

Example

Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{Get-LocalGroupMember -
Name 'Administrators'}

Output

ObjectClass    Name                         PrincipalSource          PSComputerName
-----------    ----                         ---------------          --------------
User           LABDOMAIN\Delta              ActiveDirectory          Test1-Win2k16
Group          LABDOMAIN\Domain             Admins ActiveDirectory   Test1-Win2k16
User           TEST1-WIN2K16\Administrator  Local                    Test1-Win2k16
User           TEST1-WIN2K16\LocalAdmin     Local                    Test1-Win2k16
User           TEST1-WIN2K16\Localuser      Local                    Test1-Win2k16

You can also filter the specific user as shown below.

Example

Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{Get-LocalGroupMember -
Name 'Administrators' | where{$_.Name -like "*Alpha*"}}

Output

ObjectClass    Name                PrincipalSource PSComputerName
-----------    ----                --------------- --------------
User           LABDOMAIN\alpha     ActiveDirectory Test1-Win2k16

In the earlier PowerShell version, this command wasn’t supported. You can also retrieve the output using cmd.

Example

net localgroup administrators

Output

Alias name    administrators
Comment       Administrators have complete and unrestricted access to the comput
er/domain
Members
-------------------------------------------------------------------------------
Administrator
Delta
Domain Admins
Enterprise Admins
The command completed successfully.

To get only the members, we will store the output in the variable and operate.

Example

$members = net localgroup administrators
$members[6..($members.Length-3)]

Output

Administrator
Delta
Domain Admins
Enterprise Admins

To run this command on the remote computer,

Example

Invoke-Command -ComputerName Test1-Win2k16 -ScriptBlock{
   $members = Invoke-Expression -command "Net Localgroup Administrators"
   $members[6..($members.Length-3)]
}

Output

Administrator
LABDOMAIN\Delta
LABDOMAIN\Domain Admins
LocalAdmin

Similarly, you can use any local group name instead of the Administrators group.