Available only in Safeguard Privilege Manager for Windows Professional Edition and Professional Evaluation Edition.
Under the Discovery & Remediation tab on the Console, select the Users with Local Admin Rights screen to discover which domain users have been assigned to the local Administrators group on client computers and remove them.
Before you begin, check the following on each target computer
-
The computer is turned on and accessible from the network; and
-
Windows Management Instrumentation (WMI), Distributed Component Object Model (DCOM), File and Printer Sharing, and Remote Administration are allowed through the firewall.
To remove domain users from the local Administrators group on computers on your domain
-
Within the Select Computers section, click Add and Remove to add and remove computers.
-
You cannot select a domain controller computer.
-
If the File and Printer Sharing exception is not enabled for a computer, it will not display in the list.
-
If the Windows Management Instrumentation exception is not enabled, the Class and OS columns will display the Unavailable value.
-
-
Click Clear all entries to remove all computers from the list.
-
Click Discover Accounts in local Administrator groups to discover users and domain groups with local administrator rights. By default, the search results will only include domain users and domain groups. However, you can optionally opt to include local and built-in (for informational purposes only) users.
-
In the window that opens, specify whether to search for local Administrator groups, users, or both.
-
Check the Only display domain accounts discovered in the results list option to restrict the search to Domain accounts only. Clear the option to include local accounts from the Administrators group on client machines.
A window displays your progress as the list builds.
-
Complete the following steps.
-
If an error occurs, it will display in the Errors section with a description. The Unable to open log file... notification signifies that no users in the local Administrators group have been detected.
-
Click Open report file to view data on detected users. The button will not be activated if no users have been found in the local Administrators group.
-
When the discovery operation is completed, click Close.
-
The list of discovered users will display in the User Accounts Discovered in Local Administrators Groups section.
-
Revise the list to only include users you are potentially going to revoke rights from then make your final selection from the remaining list.
-
Click the Exclude selected entries from list link to remove users from this list.
-
Select users from the remaining list, for which you want to revoke their local administrator rights.
-
Click Remove all selected users from local Administrators groups.
-
In the window that opens, click Yes to confirm that you want to remove the users or groups. A window displays your progress as the users are removed.
-
Complete the following steps:
-
If an error occurs, it will display in the Errors section with a description.
-
Click Open report file to view the operation log.
-
When the operation is complete, the users no longer have local administrator rights.
-