Skip to main content

Hi everyone!

 

I am trying to filter a workstyle to only the built-in local admin.

I dont think wildcards can be used in the SID field and using just the username is not super reliable.. but seems to be the only option... 

 

Anyone done this and have any tips?

Hi Akel.

If you are using just a local account, it should be able to match with just the account name and no SID. similar to the filtering that is used for the old IC3 Adapter, which specifically target a local account. see the XML MMC and WPE.

policy XML view
WPE Policy editor
Good old missed MMC editor. still the best.

When you add local accounts, no SIDs are added and are automatically added as “Local Account”

You can replace the name with any other name. if you have renamed the original administrator.

 

Kind regards
Jens

Reply


Badge Earners

  • BCA: Privileged Remote Access
    M.Galanghas earned the badge BCA: Privileged Remote Access
  • BCIE: Password Safe
    awonghas earned the badge BCIE: Password Safe
  • BCA: Password Safe
    Farukshas earned the badge BCA: Password Safe
  • BCIE: Password Safe
    Kaenniehas earned the badge BCIE: Password Safe
  • BCA: Password Safe
    JonSerhas earned the badge BCA: Password Safe
Show all badges
Terms & ConditionsCookie settings