Get-LoggedOnUser shows IsLocalAdmin=false in elevated shell

I’ve recently observed Get-LoggedOnUser showing IsLocalAdmin=false when executed from an elevated shell running as local admin.

This machine is domain joined, but the PSADT script was running as a local administrator. I verified via gpresult /r that the account was in BUILTIN\Administrators.

I’ll put some debug in the CS code to see what’s going on here, but while I do that, has anyone else seen this behaviour?

Well I put in some debug writes and determined that the issue is being caused by NTAccount.Translate(…) throwing a System.Security.Principal.IdentityNotMappedException. As a result, any unresolvable SID will cause the IsLocalAdmin test not to complete and default to false.

The issue is that the ID provided could actually be a SID for a no-longer-accessible domain/computer, which therefore cannot be resolved.

I think the fix in this case is to check for this exception and ignore it.

That’s a good find.
We have a GitHub repo if you want to create an issue or a pull request.

Or if not, let me know and I’ll work on those.
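The fix proposed in the thread, as an added C# example (not PSADT's own code): each SID is translated inside its own try/catch, so an IdentityNotMappedException on one entry does not abort the loop, and the admin decision compares SIDs rather than resolved names. The class and method names (AdminCheckExample, TryResolve, ContainsLocalAdmins) and the sample SID are hypothetical; how PSADT gathers the SIDs is not shown in the thread, so the list here is constructed. Windows only.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

static class AdminCheckExample
{
    // Well-known SID S-1-5-32-544 (BUILTIN\Administrators).
    static readonly SecurityIdentifier BuiltinAdmins =
        new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);

    // Resolve a SID to DOMAIN\name for logging; null when no mapping exists
    // (for example, a SID from a domain or computer that is no longer reachable).
    static string TryResolve(SecurityIdentifier sid)
    {
        try
        {
            return sid.Translate(typeof(NTAccount)).Value;
        }
        catch (IdentityNotMappedException)
        {
            return null;
        }
    }

    // True when any SID in the set is BUILTIN\Administrators. The membership
    // decision compares SIDs, so a failed name lookup cannot change the result.
    static bool ContainsLocalAdmins(IEnumerable<SecurityIdentifier> sids)
    {
        bool isAdmin = false;
        foreach (SecurityIdentifier sid in sids)
        {
            string name = TryResolve(sid) ?? "<unresolved>";
            Console.WriteLine("{0} -> {1}", sid.Value, name);
            if (sid.Equals(BuiltinAdmins)) isAdmin = true;
        }
        return isAdmin;
    }

    static void Main()
    {
        // Constructed input: an unresolvable domain SID listed before the admin group.
        var sids = new List<SecurityIdentifier>
        {
            new SecurityIdentifier("S-1-5-21-1111111111-2222222222-3333333333-1001"),
            BuiltinAdmins,
        };
        Console.WriteLine("IsLocalAdmin={0}", ContainsLocalAdmins(sids));
    }
}
```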