[gptalk] Re: Local Admin Passwords
- From: "James Kagele" <james.kagele@xxxxxxxxx>
- To: gptalk@xxxxxxxxxxxxx
- Date: Mon, 3 Dec 2007 11:08:00 +0100
I think this is where Jamie's encoding comes to play -- If you run a
gpresult in verbose mode you will see the password is in clear text. The
password is available to anyone with network access or the ability to
run gpresult.
We use the same procedure but simply mitigate by only running the policy for
a specific period of time and locking down the gpresult.exe so only
administrators can run the command.
James
On Dec 2, 2007 9:03 AM, Ray Lewis <razor@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> I had this very same problem some time back and got around it by...
>
>
>
> · Create a BAT File and include the following line: *NET USER
> Administrator %1*
>
> · Save File in a read shared folder – i.e. \\yourDC\NETLOGON
>
> · Create a GPO Start-up script pointing to your new file – i.e.
> \\yourDC\NETLOGON\newPWfile.bat
>
> · Under Script Parameters, put the password you want the clients
> to use (see attached screen shot) – SAVE.
>
>
>
> You're done, when the client's restart, the new password will be assigned.
>
>
>
> Ray
>
>
>
> -----Original Message-----
> From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
> Behalf Of Eric Lanyon
> Sent: 30 November 2007 23:13
> To: gptalk@xxxxxxxxxxxxx
> Subject: [gptalk] Local Admin Passwords
>
>
>
> I am needing to change a small office's local administrator password. I'd
> prefer not to touch all 30 workstations to do this. I thought I read at one
> point that this could be automated through a logon script. Is there a
> better way to do this? Maybe through a Group Policy?
>
>
>
> Servers are running Windows 2003.
>
> Workstations are Windows XP.
>
>
>
>
>
> Eric
>
>
>
> ***********************
>
> You can unsubscribe from gptalk by sending email to
> gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by
> logging into the freelists.org Web interface. Archives for the list are
> available at //www.freelists.org/archives/gptalk/
>
> ************************
>
Other related posts:
