I'm trying to create a policy to check that the Server Roles for BUILTIN\Administrators includes sysadmin. I've not been able to locate a Server Role facet or other facet that includes a property for Server Role.
So far I've got a condition on the login facet @Name = 'builtin\administrators'. I"m using this as the target for the policy, but that big missing piece is where to check the server role.
Anyone know where the needle is?