I found this:
and I have tested the script locally on my laptop which does generate the list of accounts that are currently in the local administrators group on my laptop. So this is a start now I just need to figure if I can use that script with the local object I created containing the complex string of accounts that are allowed to actually be in the local administrators group.
I will be working on this in between meetings and putting out other fires so I am def attempting to figure this out any help is appreciated and I will add any fix to this at the end of the discussion like I did for rule V-1148 posting I placed a few weeks ago. Thanks guys.