How can I manually reset the 'adminCount' attribute in Active Directory?

Article ID: 417
Category: ADMonitor
Updated: 2020-03-20

EventSentry ADMonitor uses the 'adminCount' attribute to determine whether a user is an administrator. However, since this attribute is not reset by Windows after a user is removed from an administrative ("protected") group, this can sometimes lead to inaccurate reports.

You can read more about the 'adminCount' attribute in KB article 412.

Follow the steps below to manually reset the 'adminCount' attribute:

  • Open Active Directory Users and Computers
  • In the View menu enable Advanced Features
  • Locate the user account(s) that incorrectly have the adminCount attribute set and open the properties
  • Click on the Attribute Editor tab
  • Locate and double-click the adminCount attribute
  • Click the Clear button and OK

Vid.1: Reseting adminCount attribute