Thanks Jamie. I will give this a shot and let you know how it goes. Thanks, Jason On Dec 4, 2007 3:10 PM, Nelson, Jamie R Contr 72 CS/SCBAF < Jamie.Nelson.ctr@xxxxxxxxxxxxx> wrote: > Yes, scripting is the way to go. The script you had linked would work, > but you're assuming the builtin administrator account is named the same > on every system. That is usually the case, but I would use a WMI script > that enumerates the accounts based on the SID. > > See the attached scripts, which should do the trick for you. > > 1) Save both files to your local system (in the same folder). > 2) Take the .txt extension off of the files. > 3) Edit the ChgLocalAdmPwd.vbs in Notepad and set the password you want > near the bottom of the script. Save your changes. > 4) Run the Encode.vbs script and type the file name (ChgLocalAdmPwd.vbs) > of the script you want to encode. It must reside in the same folder you > are executing Encode.vbs from. > 5) ChgLocalAdmPwd.vbe will be generated in the same folder. If you look > at the file in Notepad you will see that the bottom section of the code > (everything after the **Start Encode** statement) will be scrambled. > 6) Run the ChgLocalAdmPwd.vbe as a group policy startup script. You > might want to additionally replace Authenticated Users "read" rights on > the scripts folder in the GPO with "Domain Computers" so that nosy users > can't browse to SYSVOL and decode the script. VBS encryption isn't very > strong, but is enough to deter the average user. > > Hope this helps. > > Regards, > Jamie Nelson > > -----Original Message----- > From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] > On Behalf Of Jason Williams > Sent: Tuesday, December 04, 2007 4:41 PM > To: gptalk@xxxxxxxxxxxxx > Subject: [gptalk] Using Group Policy to change local admin password > > Hello everyone. > Just have a couple of questions about using GP to change a local admin > account on couple thousand PC's. > > I've searched through the archives here to find some information. From > what i've found, would be better to use this as a 'startup script' under > computer configuration, as opposed to a 'logon script' under user > configuration? That correct? > > Also, I am not the best scripter (but I am learning) so I was looking > for solutions available. > > I did find this script: > > http://www.gpanswers.com/community/viewtopic.php?t=768&sid=a2d4614336e8d > 74e4caad9d5ed489970 > <http://www.gpanswers.com/community/viewtopic.php?t=768&sid=a2d4614336e8 > d74e4caad9d5ed489970> > > Would this be sufficient for what I am trying to do? Should I be looking > for something else? What about error checking, making sure the correct > accounts password is changed? > > Appreciate the help. > > Jason > >