Discover the risky privileges lurking in your estate

Free Local Admin Risk Discovery Tool

What's the first thing an attacker looks for when they get into a target? It's privileged accounts. Although they're mostly on shared servers, you may have hundreds or thousands of local admin accounts on laptops and workstations across your business. 

Now you can find out how much risk you face with this free tool. You'll see which endpoints have local admin accounts - the first step to removing them.

What the tool does

Active Directory doesn't report the list of users and groups in a given Administrators group. That's only available on the computers, so every computer in the domain must be queried. The tool can be run with any user and on any workstation in your domain which fulfills the specified requirements below.

What the tool does not do

The Local Admin Audit tool does not save or report any information to any third party including Osirium.


To make sure you don't have any problems running the assessment tool, check the following:

  • Your user/workstation running the tool must be able to authenticate in the domain.
  • The user must be able to make DNS queries in the domain, and make LDAP queries in the domain.
  • The user running the tool must be a member of the local Administrator group of the computers being queried (that's a requirement when querying Administrators group members through AD Service Interfaces).
  • .NET Core 3 is required. You will be prompted to download and install .NET Core, if it's not present.
  • Finally, the workstation running the tool must be able to connect to the other workstations it is querying using SMB protocol on port 445.
Click to chat