Skip to content

Instantly share code, notes, and snippets.

@pvanderwoude
Created September 28, 2020 14:02
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save pvanderwoude/3c68ad1a77632f8b9b8aab0c901a5ed7 to your computer and use it in GitHub Desktop.
Remediate-LocalAdministrators
#Define variables
$currentUser = (Get-CimInstance Win32_ComputerSystem).Username -replace '.*\\'
$localAdministrators = @("[YourGlobalAdminRoleSid]","[YourDeviceAdminRoleSid]") #Adjust to your local administrators
try {
$administratorsGroup = ([ADSI]"WinNT://$env:COMPUTERNAME").psbase.children.find("Administrators")
$administratorsGroupMembers = $administratorsGroup.psbase.invoke("Members")
foreach ($administratorsGroupMember in $administratorsGroupMembers) {
$administrator = $administratorsGroupMember.GetType().InvokeMember('Name','GetProperty',$null,$administratorsGroupMember,$null)
if (($administrator -ne "Administrator") -and ($administrator -ne $currentUser)) {
$administratorsGroup.Remove("WinNT://$administrator")
Write-Host "Successfully removed $administrator from Administrators group"
}
}
foreach ($localAdministrator in $localAdministrators) {
$administratorsGroup.Add("WinNT://$localAdministrator")
Write-Host "Successfully added $localAdministrator to Administrators group"
}
Write-Host "Successfully remediated the local administrators"
}
catch {
$errorMessage = $_.Exception.Message
Write-Error $errorMessage
exit 1
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment