Rob van der Woude's Scripting Pages
Powered by GeSHi

Source code for login_abort_if_admin.ps

(view source code of login_abort_if_admin.ps as plain text) 

  1. # 'S-1-5-32-544' is the SID of the local 'Administrators' group.
  2. # The groups 'Domain Admins' and 'Enterprise Admins' are members of the local
  3. # 'Administrators' group if the computer is connected to an AD domain.
  4. if ( [Security.Principal.WindowsIdentity]::GetCurrent( ).Groups -contains 'S-1-5-32-544' ) {
  5. 	Write-Error "This login script must NOT be executed by members of the Administrators group." -ErrorAction Stop
  6. }

page last modified: 2025-10-11; loaded in 0.0064 seconds