Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Filtered Local Admin Report

I've been at this for several hours now trying to figure this out and I can not seem to get it. I would be extremely grateful to whoever can assist me with this issue. I'm trying to create a very specific auto report for us to review users apart of the local administrator groups on PC's for anything that is potentially off. I'm trying to make the report very specific so it doesn't have the chance to potentially miss something while only giving us a list of entries that we wouldn't expect. Here is what I have so far. 

Because we have local Administrator accounts on all of our PC's, I made two columns; one to filter out domain accounts that we would expect to see, and the other to filter out the local administrator account. I wanted to make sure this was specific enough so a local account couldn't be created and added named "Domain Admins" or a domain account labeled "Administrator" and it would be missed by the report. So far, so good as the report is working exactly as i would expect.

Here's where the issue comes in. I have one more domain user group ("Service Desk Admins") that I would expect to find in the local administrators group on MOST pc's, but not all. There are 6 pc's that we would not expect them to be apart of as we specifically deny them admin access to them. I would like to filter the Service Desk Admins group out of the report UNLESS they were to show up on one of these 6 pc's. These 6 pc's are apart of both an AD group and a collection labeled as "Network Services PC's".

I've been trying every way possible I can think of to have this filtered as described, but everything I do either completely jacks up the report, or filters incorrectly. I tried my best to be as descriptive as possible for whatever heavenly soul can solve this riddle, but if there are any missing pieces I need to provide to solve the puzzle, please let me know.

Thank you a million times over.




1 comment
Date Votes
  • It may be easiest to make a collection for computers NOT in your "Network Services PCs" collection, then run slightly different reports on each collection.

    The report for Network Services PCs highlights those with Service Desk Admins

    The report for not Network Services PCs highlights those without Service Desk Admins