- Joined: 3/25/2013
How does one run a group membership check on local computer groups
Thursday, July 20, 2017 9:29 PM
Pretty new to this and trying to figure some stuff out. On the Configuration / Active Monitoring tab there is a monitoring check called "Users and groups members". I thought I could use to check for user accounts in the local Administrators group on the workstations and servers that don't belong.
On the "Custom properties" tab there are three fields: Domain, Group, and Allowed members. What are the values I would put into Domain and Group to check for unauthorized members of the local Administrators group on the endpoints? Putting in the local domain name, such as mydomain.local, and for the Group putting in Administrators, ends up with errors:
domain not found: mydomain.local, group not found: Administrators
It would seem like Domain should be the local computer name, since I am checking local groups, not AD groups, but putting in a variable like %computername% results in the same error except the Domain not found is %computername%.
If I put an actual computer name in Domain, and run a test against that specific computer, it seems to work as expected, but obviously I'm not going to create a specific check for each specific endpoint.
So how is this supposed to work? Is there any documentation on this?