PEM Free Risk Discovery Tool

Thank you!

Your submission has been received and we'll be in touch shortly.

Go here
Oops! Something went wrong while submitting the form.

Discover the risky privileges lurking in your estate

Local admin rights are incredibly attractive to attackers, but do you know what admin accounts you have in your estate? You should. It's the starting point for implementing a "Principle of Least Privilege (POLP)" strategy.

Using this free tool, find out which endpoints have local admin rights. Understand how exposed you are, and start to plan your route to safety.

What the tool does

Many organizations are implementing the "Principle of Least Privilege (POLP)" as a way to ensure only the minimum level of privileged access is granted to the smallest number of people for the shortest period of time. One of the first steps in implementing a POLP strategy should be to remove any standing administrator rights from user's laptops and workstations. The PEM Risk Discovery Tool gets you started by revealing what local admin accounts you have in your IT estate.

The list of users and groups in a given computer’s Administrators group is not stored in Active Directory - it is only available on the computer itself. To get the whole list of users in local Administrators groups within a domain, each computer in the domain must be queried.

  • The Local Admin Audit Tool starts by getting the list of computers in the domain using a simple LDAP query against the default Domain Controller (queried as rootDSE).
  • It then queries each computer using Active Directory Service Interfaces with the WinNT provider to obtain the list of members in that computer’s Administrators group (despite the name, this is not querying the domain’s Active Directory, but a simplified directory service that runs on each computer.).
  • The information returned contains user names and last logon times - which is all the information needed to build the audit.
  • The tool can be run with any user and on any workstation in your domain which fulfills the specified requirements.

What the tool does not

The tool does not save or report any information to any third party including Osirium.


To make sure you don't have any problems running the assessment tool, check the following:

  • Your user/workstation running the tool must be able to authenticate in the domain, it must be able to make DNS queries in the domain, and it must be able to make LDAP queries in the domain.
  • The user running the tool must be in the local Administrator group of the computers that are being queried - this is a requirement when querying Administrators group members through Active Directory Service Interfaces.
  • The tool requires .NET Core 3. If it isn't installed, you will be prompted to download and install .NET Core
  • Finally, the workstation running the tool must be able to connect to the other workstations it is querying using SMB protocol on port 445.

No items found.

No items found.

Discover your risk today

Please complete the form to download your free local administrator account discovery tool.

An overview of Privileged Access Management

Read this high-level overview to see how PAM can protect your shared devices and services, manage privileged users and accounts and simplify remote access.

overview of Privileged Access Management

An overview of Privileged Process Automation

Read this short whitepaper to see how PPA can transform your IT Operations.

An overview of Privileged Endpoint Management

Read this short whitepaper to see how PEM can improve endpoint security and IT help desk load.

An overview of Privileged Access Security

Read this short whitepaper to see how PPA can transform your IT Operations.