On a standalone machine, the Users
group contains all the normal users plus a couple special group-like principals from NT AUTHORITY
.
net localgroup Users
In PowerShell, that's equivalent to:
Get-LocalGroupMember 'Users'
Alternatively, you could use a WMI query to get only real accounts:
wmic useraccount
That includes the Guest
account, DefaultAccount
, and the built-in Administrator
. You get the same results from PowerShell's Get-LocalUser
.
If you want to list only enabled accounts, you can narrow down the query:
wmic useraccount where "Disabled = FALSE"
The same in PowerShell:
Get-LocalUser | ? {$_.Enabled}
To test whether a given user (in variable $u
) is an administrator:
(Get-LocalGroupMember 'Administrators' | ? {$_.SID -eq $u.SID}).Count -ne 0
This gets the members of the Administrators group and checks whether there are any members with the same SID (security identifier) as the given user object. You can get such a user object from Get-LocalUser
or Get-LocalGroupMember
.
There is
Users
– notjustme – 2016-12-06T15:35:55.477That also displays admin though. I want just users or a way to distinguish them. – TheiMacNoob – 2016-12-06T16:18:57.693
So you need a group that includes only users and excludes admins, power users, application accounts, service accounts, shared accounts, etc? Or do you need some other combination? – music2myear – 2016-12-06T16:21:19.130
Oh, forgot one thing: What about domain admins versus domain users who have admin (or elevated) credentials on a specific application, service, system, or computer? – music2myear – 2016-12-06T16:22:00.270
I need one that eirther displays only users or one that displays users and admins but it says if one is an admin like one that says something like. John. Richard (Admin). or something like that – TheiMacNoob – 2016-12-06T16:28:34.793