Dear All,

We have 2000 endpoints which are not connected to any domain. All 2000 endpoints (laptops and desktops) are directly using local accounts which have administrator rights.

In order to manage all the endpoints using standard user rights, the only way I know is to deploy the standard profile through AutoPilot.

But it's a rather big task to complete.

So for testing, I have manually joined some of the endpoints to Azure AD through Access work or school. Now a few machines are Azure joined.


But on all the machines, the endpoint users have already created local admin accounts using different names, and it's not the standard name called administrator.


Now how can I disable or remove the administrator accounts which were created by users with different local account names?

    Writing a PowerShell script to disable or remove the administrator accounts and deploy them through Intune is better. That said, it’s not easy to identify the accounts users create with different local account names.

    You can use Get-LocalGroupMember -Group "Administrators" or Get-LocalUser to retrieve users and remove unwanted local users. Feel free to reach out to me if you need help with coding.
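
One way to write the script the reply describes, as an added example (not code from either poster): it selects accounts by group membership and account source rather than by name, so differently named local admins are caught. The allowlist entry `CorpBreakGlass` and the `$ReportOnly` switch are assumptions made for illustration, and the script is assumed to run elevated (for example as SYSTEM when deployed through Intune).

```powershell
#Requires -RunAsAdministrator
# Added example: demote and disable user-created local administrator accounts.
# Assumption: 'CorpBreakGlass' is a hypothetical managed local admin to keep.
$KeepNames  = @('CorpBreakGlass')   # hypothetical allowlist of local account names
$ReportOnly = $true                 # set to $false only after reviewing the report

# Resolve the group by its well-known SID so localized group names still work.
$group = Get-LocalGroup -SID 'S-1-5-32-544'
try {
    $members = @(Get-LocalGroupMember -Group $group -ErrorAction Stop)
} catch {
    # Enumeration can fail when the group holds members that cannot be resolved.
    Write-Error "Cannot enumerate $($group.Name): $_"
    exit 1
}

# Targets: local user accounts only, excluding the built-in Administrator
# (RID 500) and anything on the allowlist. Names arrive as COMPUTER\user.
$targets = @($members | Where-Object {
    $_.ObjectClass -eq 'User' -and
    $_.PrincipalSource -eq 'Local' -and
    $_.SID.Value -notmatch '-500$' -and
    ($_.Name -split '\\')[-1] -notin $KeepNames
})

# Lockout guard: count what is left afterwards. Non-local principals (for
# example Azure AD) count as usable; local accounts count only if enabled.
$remaining = @($members | Where-Object {
    $_.SID.Value -notin $targets.SID.Value -and
    ($_.PrincipalSource -ne 'Local' -or
     (Get-LocalUser -SID $_.SID -ErrorAction SilentlyContinue).Enabled)
})
if ($targets.Count -gt 0 -and $remaining.Count -eq 0) {
    Write-Error 'No other usable administrator would remain; aborting.'
    exit 1
}

foreach ($m in $targets) {
    if ($ReportOnly) {
        Write-Output "Would demote and disable: $($m.Name)"
        continue
    }
    # Drop the admin right first, then disable the account itself.
    Remove-LocalGroupMember -Group $group -Member $m -ErrorAction Stop
    Disable-LocalUser -SID $m.SID -ErrorAction Stop
    Write-Output "Demoted and disabled: $($m.Name)"
}
```

Run it once with `$ReportOnly = $true` on the manually joined test machines and review the output before enabling changes; disabling rather than deleting keeps the user's profile and data in place.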

