ADROOT Account Found

[MidwestAdmin]

What is the ADROOT account living in RootDSE? This powershell script was able to find it but when I browse RootDSE using ADSI Edit I can't see it but I can find it and manipulate it when running powershell through ISE when debugging. I can't find any documentation on the existence of this account but it was privileged at one time because the script finds it and resets it's AdminCount flag. Why does this script find it and since it reset the flag on it should I be concerned?

[chadmcox]

that's not very clear. the adroot is the name of the psprovider being mapped. in this case looks like only one group was found