Description: The query allows you to check macOS systems for local administrator accounts. The administrator on a Mac has full privileges to install programs, uninstall them, modify files, or compromise the system. The query helps to identify local administrator accounts to ensure IT hygiene and compliance in the enterprise.
What The Data Shows: User ID, Username, User description
SQL:
SELECT u.uuid, u.username, u.description
FROM users AS u
INNER JOIN user_groups AS g ON g.gid=u.gid
WHERE g.gid = 20
GROUP BY username;
