I've been at this for several hours now trying to figure this out and I can not seem to get it. I would be extremely grateful to whoever can assist me with this issue. I'm trying to create a very specific auto report for us to review users apart of the local administrator groups on PC's for anything that is potentially off. I'm trying to make the report very specific so it doesn't have the chance to potentially miss something while only giving us a list of entries that we wouldn't expect. Here is what I have so far. 

Because we have local Administrator accounts on all of our PC's, I made two columns; one to filter out domain accounts that we would expect to see, and the other to filter out the local administrator account. I wanted to make sure this was specific enough so a local account couldn't be created and added named "Domain Admins" or a domain account labeled "Administrator" and it would be missed by the report. So far, so good as the report is working exactly as i would expect.

Here's where the issue comes in. I have one more domain user group ("Service Desk Admins") that I would expect to find in the local administrators group on MOST pc's, but not all. There are 6 pc's that we would not expect them to be apart of as we specifically deny them admin access to them. I would like to filter the Service Desk Admins group out of the report UNLESS they were to show up on one of these 6 pc's. These 6 pc's are apart of both an AD group and a collection labeled as "Network Services PC's".

I've been trying every way possible I can think of to have this filtered as described, but everything I do either completely jacks up the report, or filters incorrectly. I tried my best to be as descriptive as possible for whatever heavenly soul can solve this riddle, but if there are any missing pieces I need to provide to solve the puzzle, please let me know.

Thank you a million times over.

-Patrick

Cancel
login to comment