Page Nav

HIDE

Grid

GRID_STYLE

Classic Header

{fbt_classic_header}

Header Ad

LATEST POST

latest

How to Find All Admin Accounts on a Domain-Joined Windows PC (PowerShell & CMD Guide)

November 05, 2025 Edit this post

If your computer is part of a Windows Active Directory domain , it’s important to know who has administrator privileges — both locally and...

If your computer is part of a Windows Active Directory domain, it’s important to know who has administrator privileges — both locally and from the domain. This guide shows how to list all local and domain admin accounts on your PC using simple PowerShell and CMD commands.



🔹 Step 1: Open PowerShell as Administrator

Press Start → type PowerShell → right-click and select Run as Administrator.

🔹 Step 2: List All Local and Domain Admins

Get-LocalGroupMember -Group "Administrators" | Select Name, ObjectClass

This command displays all direct members of the Administrators group — including local users, domain users, and domain groups.

🔹 Step 3: Expand Domain Groups (Show Nested Admins)

To see which domain users are inside a domain admin group, run the following PowerShell script:

Import-Module ActiveDirectory

$admins = Get-LocalGroupMember -Group "Administrators"
foreach ($member in $admins) {
    if ($member.ObjectClass -eq 'Group' -and $member.Name -match '\\') {
        Write-Host "`n--- Members of $($member.Name) ---"
        Get-ADGroupMember -Identity ($member.Name -split '\\')[1] -Recursive |
        Select-Object Name, SamAccountName
    } else {
        Write-Host "`n--- User: $($member.Name) ---"
    }
}

✔️ This expands nested domain groups like Domain Admins or IT Support to reveal all individual admin accounts.

🔹 Step 4: Export the Results to a File

To save the full admin list for auditing:

Get-LocalGroupMember -Group "Administrators" |
Select Name, ObjectClass | Out-File "C:\admins_raw.txt"

You can also export all expanded results to CSV:

$report | Export-Csv "C:\All_Admins_DomainExpanded.csv" -NoTypeInformation

🔹 Step 5: Check Domain-Level Admin Groups

To see who belongs to high-privilege domain groups, use:

Get-ADGroupMember -Identity "Domain Admins" -Recursive | Select Name, SamAccountName

Repeat for other key groups such as Enterprise Admins or Schema Admins if needed.

✅ Summary

  • Get-LocalGroupMember → Shows local & domain admins
  • Get-ADGroupMember -Recursive → Expands nested groups
  • Export-Csv → Creates audit reports

Knowing who has admin rights helps protect your PC from unauthorized access and keeps your domain environment secure.

Related Posts

No comments

Subscribe to: Post Comments (Atom)
Check Your Laptop Battery Health Using CMD (Windows 10/11)

Check Your Laptop Battery Health Using CMD (Windows 10/11)

Is your laptop battery draining too fast? Windows has a hidden command that lets you see the true health of your battery — no apps nee...