Re: How can I change the admin password of all our XP PC's on the doma
- From: "Austin Osuide" <austin@xxxxxxxxxxx>
- Date: Mon, 22 Oct 2007 22:35:24 +0100
Hi Cyborg,
You've got a problem thats really not very easy to solve (read cheap).
You have this problem because it is the nature of all but the least
inquisitive of users to want to be admins on their workstations.
If you dont give the user accounts admin privilages, they go for the local
admin account.
Now, your next problem is how do you manage the local admin account? Do you
set the same one on all workstations?
If you do that, all that needs happen is one user finding out and "word gets
around" or the document that "holds" the password gets into the wrong hands.
Regular use of the password even makes it more insecure. Will you change it
regularly on all workstations? A real procedural nightmare depending on the
size of your estate.
If you have different passwords for different workstatins, how do you
provide ready access to admins who require it?
Several home grown Apps exist which derive an admin password from the
workstation name based on some algorithm but securing the tool becomes the
issue and usually, it doesnt take a rocket scientis to reverse engineer
them.
So you decide to pay for some Enterprise Class tool to do this for you if
especially you have thousands of boxes to visit. And there companies out
there who wite apps for just that.
As an example ( not a recomendation by any way, shape or form), see:
http://www.liebsoft.com/index.cfm/products?id=512.
HTH,
Austin
"Cyborg" <andrewwhite@xxxxxxxxxxxxxx> wrote in message
news:B3A473D8-D40D-4ED0-B3E8-4A034552684F@xxxxxxxxxxxxxxxx
Hi this is great, do I need to change anything in this script apart form
the "testpassword"
I take it I can then add the script to the logon part of the doamin group
policy?
"Simon" <Simon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:55FB500B-675B-426B-9E75-F3954A30DA2B@xxxxxxxxxxxxxxxx
try this as part of a logon/startup script:
strComputer = "MyComputer"
Set objUser = GetObject("WinNT://" & strComputer & "/Administrator,
user")
objUser.SetPassword "testpassword"
objUser.SetInfo
To make it more generic, you will need to set the script to get the pc's
computer name before trying to change the password.
"Cyborg" wrote:
Somehow many of our users know the local admin password for our XP
machines,
is there a way to change this on all PC's to something else, like a
group
policy?
.
- Follow-Ups:
- References:
- Prev by Date: Re: USERENV errors 1058 on all clients since installation of SCE
- Next by Date: Re: nslookup not resolving Internet FQDNs on domain controller
- Previous by thread: Re: How can I change the admin password of all our XP PC's on the doma
- Next by thread: Re: How can I change the admin password of all our XP PC's on the doma
- Index(es):
Relevant Pages
|
