This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Report for Local Administrator accounts on All Assets

Go to solution
TRAGAR
Engaged Sweeper III

a month ago

I want to generate a Report that lists all Local Administrator accounts on all assets.

I am unable to do this, and I am guessing that user-account association needs to be set up to properly scan and the local user scanning configuration enabled in Lansweeper to retrieve this data.

How do I configure Lansweeper to generate the Report that I want?

0 Kudos
1 ACCEPTED SOLUTION
Go to solution
TRAGAR
Engaged Sweeper III
In response to pryan67

Wednesday

Yes, I see that now, but I ended up needing all the contents of the Local Administrator Group, which includes nested domain accounts. I worked with Support and they helped me with this.

This is the Report:

Select Top 1000000 tblAssets.AssetName,
tblUsers.Name As UserName,
Null As Groupname,
tblAssets.Domain,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblUsers On tblAssets.AssetID = tblUsers.AssetID
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysOS On tblAssets.OScode = tsysOS.OScode
Left Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID
Where tblUsers.SID Like '%-500' And tblAssetCustom.State = 1
Union All
Select Top 1000000 tblAssets.AssetName,
tblUsersInGroup.Username As UserName,
tblUsersInGroup.Domainname As Groupname,
tblAssets.Domain,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblUsersInGroup
Inner Join tblAssets On tblUsersInGroup.AssetID = tblAssets.AssetID
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysOS On tblAssets.OScode = tsysOS.OScode
Left Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID
Where Not Exists(Select tblAssets.AssetName As Domain,
tblUsers.Name As UserName
From tblAssets Inner Join tblUsers On tblAssets.AssetID = tblUsers.AssetID
Where tblUsers.BuildInAdmin = 1 And tblUsersInGroup.Domainname =
tblAssets.AssetName And tblUsersInGroup.Username = tblUsers.Name) And
tblUsersInGroup.Admingroup = 1 And tblAssetCustom.State = 1
Order By AssetName

View solution in original post

0 Kudos
6 REPLIES 6
Go to solution
pryan67
Champion Sweeper II

Wednesday

There's a built in report called "local admin accounts" on my on-prem system.  Do you not have that?

 

 

0 Kudos
Go to solution
TRAGAR
Engaged Sweeper III
In response to pryan67

Wednesday

Yes, I see that now, but I ended up needing all the contents of the Local Administrator Group, which includes nested domain accounts. I worked with Support and they helped me with this.

This is the Report:

Select Top 1000000 tblAssets.AssetName,
tblUsers.Name As UserName,
Null As Groupname,
tblAssets.Domain,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblUsers On tblAssets.AssetID = tblUsers.AssetID
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysOS On tblAssets.OScode = tsysOS.OScode
Left Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID
Where tblUsers.SID Like '%-500' And tblAssetCustom.State = 1
Union All
Select Top 1000000 tblAssets.AssetName,
tblUsersInGroup.Username As UserName,
tblUsersInGroup.Domainname As Groupname,
tblAssets.Domain,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblUsersInGroup
Inner Join tblAssets On tblUsersInGroup.AssetID = tblAssets.AssetID
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysOS On tblAssets.OScode = tsysOS.OScode
Left Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID
Where Not Exists(Select tblAssets.AssetName As Domain,
tblUsers.Name As UserName
From tblAssets Inner Join tblUsers On tblAssets.AssetID = tblUsers.AssetID
Where tblUsers.BuildInAdmin = 1 And tblUsersInGroup.Domainname =
tblAssets.AssetName And tblUsersInGroup.Username = tblUsers.Name) And
tblUsersInGroup.Admingroup = 1 And tblAssetCustom.State = 1
Order By AssetName

0 Kudos
Go to solution
brandon_jones
Champion Sweeper III

4 weeks ago

Go to any Windows computer asset page.  At the top of the page hover over config -> User Info then left click on users. Are there any users displayed?

0 Kudos
Go to solution
TRAGAR
Engaged Sweeper III
In response to brandon_jones

3 weeks ago

Yes, I found this last week, and it displays ALL Local Users, but only one is also a Local Administrator account. I need to generate a Report that lists only all Local Administrator accounts on all assets.

0 Kudos
Go to solution
brandon_jones
Champion Sweeper III

4 weeks ago

I would start by going to the scanned item interval under scanning. Scroll down until you find users.  Make sure it is enabled. If it isn't enabled, enable it and scan a few computers and see if the report has data.

0 Kudos
Go to solution
TRAGAR
Engaged Sweeper III
In response to brandon_jones

4 weeks ago

USERS is enabled, but I believe there may be a separate setting for Local Users and the Local Administrators group. So far, I do not see how to create a Report for this, but my thought is that something is missing from scanning.

0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now