Re: Change local administrator password ? through GPO or push script ?

---

• From: Myweb <meiweb@xxxxxx>
• Date: Tue, 24 Apr 2007 14:07:43 +0000 (UTC)

---

Hello Pascal,

Did some testing and you are right, it is sended in clear text to the workstation. I will change my way of deploying the password.

Best regards

Myweb
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

Hello Pascal,

Should work. Even if he finds the batch file via network neighborhood
it will only provide %1 %2 and he can not really use this. We use in
in our environment 350 user without any problem. And also the
password change is very easy, only changing the parameter, that's
all.

Best regards

Myweb
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.

Hello Pascal,

Maybe try this one. Create a batch file pass.bat (or whatever) with
the content

net user administrator %1 (%1 describes the first entry in the
parameter field)

OR

net user %1 %2 (you also can use %1 %2 and add "Username Password"
in the parameter field (be aware of the space))

Add this file via GPO to the Default domain policy>Computer
configuration>Windows settings>Scripts, STARTUP script and set the
parameter
with the new parameters you like to use. At the next time the
workstation
starts up in the domain the local admin password get changed.
The password will only be visible for your domain admins not for
the
normal
user even if he has adminpak installed. The GPO he can not open as
a
normal
user.
Best regards
Myweb
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.

Hi Myweb,

indeed it could be a nice idea !
I will try on Monday to see if there is no way for a user to bypass
this and let him see the parameters defined with the GPO !
I will let you know ;)

I don't test yet but I think there is a problem.
Indeed, I will check, but startup script parameters are sent in clear
text through the network so ... quite easy to find :D

.

---

• References:
  • Re: Change local administrator password ? through GPO or push script ?
    • From: Pascal

• Prev by Date: Re: ADAM Setting VLV searchFlags
• Next by Date: Re: Migrated domain controller - DNS not working properly
• Previous by thread: Re: Change local administrator password ? through GPO or push script ?
• Next by thread: Re: lastModifiedBy attribute
• Index(es):
  • Date
  • Thread

---

Relevant Pages Group Policy to reboot ... I have scheduled a task to reboot workstations at a particular time and ... I have created a GPO and attached the batch file ... I first tested this on one of the test workstation and noted the following ... (microsoft.public.windows.group_policy) Batch file to add a network printer ... I want to create a batch file that, when it is run from a workstation, automatically connects to a network printer. ... Regards, ... (microsoft.public.windowsxp.customize) Re: Errors migrating from NT to 2003 ... what 's the OS version on the Workstation? ... Best regards, ... Errors migrating from NT to 2003 ... domain groups to a local group on the WS: ... (microsoft.public.windows.server.migration) Re: W2K R2 / XP SP2 : My document folder redirection problom in GPO. ... Do you know if i can do that with GPO? ... Best regards, ... This newsgroup is provided for English version support only. ... (microsoft.public.windows.group_policy) Re: GPO and computers ... >>to filter it the object needs to be in the OU to which you apply the GPO, ... >> in the hierarchy or move the computers to the ... >> Regards, ... >> Jimmy Andersson, Q Advice AB ... (microsoft.public.windows.server.active_directory)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2007-04