For a windows system administrator, we need to check the member of the local administrators group.
There is also a function in the microsoft gallery:
function get-localadmin { param ($strcomputer) $admins = Gwmi win32_groupuser –computer $strcomputer $admins = $admins |? {$_.groupcomponent –like '*"Administrators"'} $admins |% { $_.partcomponent –match “.+Domain\=(.+)\,Name\=(.+)$” > $nul $matches[1].trim('"') + “\” + $matches[2].trim('"') } }
With this function, we can test if the current logged on user is the member of the local admin group.
$targetcomputer = "analyst1" $OutPutFile= "\\bgl-mdc\shared\IT\users\admins.csv" ##Don't Change the code below: function get-localadmin { param ($strcomputer) $admins = Gwmi win32_groupuser –computer $strcomputer $admins = $admins |? {$_.groupcomponent –like '*"Administrators"'} $admins |% { $_.partcomponent –match “.+Domain\=(.+)\,Name\=(.+)$” > $nul $matches[1].trim('"') + “\” + $matches[2].trim('"') } } $localAdmins = get-localadmin $targetcomputer ##Get the current logged on user $LoggedUsernameObj = Gwmi -class Win32_ComputerSystem –computer analyst1 | select UserName #WMIC /Node:$targetcomputer ComputerSystem Get UserName $LoggedUsername=$LoggedUsernameObj.UserName "The logged on user is :" + $LoggedUsername +"`r`n" ForEach ( $admin in $localAdmins ) { $Islocaladmin = $false If ( $admin -eq $LoggedUsername ) { $Islocaladmin = $true # Then we want to record this user name add-content $OutPutFile ($admin + "," + $targetcomputer) } }
Reference:
https://gallery.technet.microsoft.com/scriptcenter/Get-remote-machine-members-bc5faa57