[THIN] Re: OT: Logon with variable question
- From: "Adam Granatela" <agranatella@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Fri, 17 Oct 2008 16:48:55 -0500
Trying to lose my mind?
Trying to validate that a password change has worked successfully, if you
can believe that.
Management has dictated that all local admin passwords on all servers need
to be changed. Management also wants a list of all servers that the
password change didn't work on. Management insists we use Altiris for this.
Altiris job 1: runs as a local sysetm account...runs pspasswd from
MS/sysinternals to change the password for our renamed sysadmin account.
There's no way to report back to Altiris whether this worked or not.
Altiris = stab me in the eye with a wooden spoon, just if the job kicked off
ok or not. So in theory Altiris could kick off the command, report back
that it worked fine, but in reality the pspasswrd command failed.
Altiris job 2: send a "dummy" job to each server, but have it login with the
new password for the local sys admin. That way the ones that do fail end up
failing as a direct result of the new password not working, and we have our
remediation list.
Altiris is going to give me an ulcer.
Before we get any further let me say that I have some working scripts with
logs that will give me all the info I need, but since these can't be run
through Altiris, I'm not allowed to use them. So, as much as I'd like to
discuss the 57,304 ways that are better to change passwords on 1500 servers
other than Altiris, I simply can't. Did I mention that in some language
Altiris is the word for spawn of the devil?
So there it is...The good news is that the building has a clock tower that
goes up a good 18 floors. If I time my swan dive just right I think I can
create a spectacular traffic accident.
Adam
On Fri, Oct 17, 2008 at 4:40 PM, Joe Shonk <joe.shonk@xxxxxxxxx> wrote:
> What exactly are you trying to do that you need to be logged into the
> console as a local administrator instead of an administrator on the domain?
>
>
>
> Joe
>
>
>
> *From:* thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] *On
> Behalf Of *Adam Granatela
> *Sent:* Friday, October 17, 2008 1:58 PM
> *To:* thin@xxxxxxxxxxxxx
> *Subject:* [THIN] Re: OT: Logon with variable question
>
>
>
> Hi thanks for the reply. What I'm looking to do is fire off a job from
> Altiris but I want it to login with the local administrator for each server.
>
> In Altiris there's a "user domain" box that has to have something in it
> (i.e., it won't work if it is left blank), and then username/password. For
> everything done in our environment with Altiris we either use a service
> account, a domain admin account, or just set it to "system account".
>
> However, for this one I want it to specifically login with the local
> administrator account for each machine. So far none of the variables have
> worked. So then I went to the local console of a machine and tried various
> logon methods and found that even there, %computername%\adamg or
> %userdomain%\adamg don't work, even though if I login with
> adamg/password/computername on their respective lines in the logon dialog,
> when I go to look at system variables, both of those are set to the current
> computer name.
>
> Any other ideas?
>
> Adam
>
> On Fri, Oct 17, 2008 at 3:49 PM, Raffensberger, Stephen D <
> sraffens@xxxxxxxxxxxxxxxxx> wrote:
>
> Adam,
>
>
>
> I fight the opposite battle but you can probably use what I use.
>
>
>
> Set HKLM\SOFTWARE\Microsoft\Windows
> NT\CurrentVersion\Winlogon\DefaultDomainName to your "server1" name.
>
> Then just login with a simple adamg and it will default to server1\adamg.
>
>
>
> Actually, all you have to do is log on at the physical console using a
> local account and it will switch this for you.
>
> Trouble is, whenever someone else logs onto the console using the domain,
> it will reverse it for you. I periodically run a batch file that sets it the
> way I want it.
>
>
>
> HTH
>
>
>
> Steve Raffensberger
>
> Citrix Administrator
>
> Sovereign Bank
>
> 1125 Berkshire Boulevard
>
> Wyomissing, PA 19610
>
> email: sraffens@xxxxxxxxxxxxxxxxx
>
>
> ------------------------------
>
> *From:* thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] *On
> Behalf Of *Adam Granatela
> *Sent:* Friday, October 17, 2008 4:35 PM
> *To:* thin@xxxxxxxxxxxxx
> *Subject:* [THIN] OT: Logon with variable question
>
>
>
> Hey everyone, hope all is well. I have another strange request that I was
> wondering if anyone has any insight on.
>
> I'm looking for a way to use a variable to pull in the current computer
> name of a machine, but at login time.
>
> In a standard 3 line Windows 2000/2003 server login screen I can login with
> something like:
>
> server1\adamg
> password
> <third line for domain/local machine is grayed out>
>
> Is there any way I can use a variable instead of "server1" up there so that
> the current servername is put in? I've tried:
>
> %computername%\adamg
> %userdomain%\adamg
>
> and a few other things including double %%, .\adamg, and quotes in various
> places. If anyone wants an explanation as to why I need this I can go into
> that, but I've narrowed things down to the point where if I could pull in
> the current servername using a variable that it will give me everything I
> need. Any ideas? Thanks!
>
> Adam
>
>
> This message contains information which may be confidential and privileged.
> Unless you are the addressee (or authorized to receive for the addressee),
> you may not use, copy or disclose to anyone the message or any information
> contained in the message. If you have received the message in error, please
> advise the sender by reply e-mail, and delete or destroy the message. Thank
> you.
>
>
>
Other related posts:
