(imported topic written by Ahwilson)
I trying to write a relevance that looks to see if a specific local user account exists on any of our windows computers. I know I could look for the profile folder, but that would mean the account still exist on the computer.
(imported comment written by Lee Wei 2)
Here are some example statements that you might be able to use.
q: names of local users
q: names whose (it = “TESTNAME”) of local users
q: exists names whose (it = “TESTNAME”) of local users
(imported comment written by martinc)
To add to this, I have done something similar previously and generated the results for a security team. They liked that it showed them the desired information then I started to get requests to check for other ids. So to make it less work for me, I would create an analysis that would just list all ids and created a web report that they could just search for whatever id they wanted.
My $0.02 
(imported comment written by Ahwilson)
Martinc that is exactly why I’m trying to create this. Thanks.
(imported comment written by Ahwilson)
Martin how did you specify a particular user account to see if it is a member of the local admin. I am looking for a particular local user existing and that works, but need to know if that account is also a member of the local admins? thanks
(imported comment written by martinc)
I think this is what I did
(members whose (it as string as lowercase does not contain “domain admins”) of it) of local groups whose (name of it = “Administrators”)
On my test systems, this shows me my 2 accounts that are in the Administrators group and filters out the name “Domain Admins”