Skip to main content

Some of the things we do in our logon scripts require the user to be a local administrator. How can the script tell if the user is a local administrator or not, using PowerShell Core.

# Is a User a Local Administrator?
# https://devblogs.microsoft.com/powershell-community/is-a-user-a-local-administrator/

# Get-Command -Module Microsoft.PowerShell.LocalAccounts

# Get who I am
$Me = (& whoami)
$Me # Cookham\JerryG

# Get members of administrators group
$Admins = Get-LocalGroupMember -Name Administrators | Select-Object -ExpandProperty Name

# Check to see if this user is an administrator and act accordingly
if ($Admins.Contains($Me)) {
    Write-Host "'$Me' is a local administrator"
} else {
    Write-Host "'$Me' is NOT a local administrator"
}
# Cookham\JerryG is a local administrator