Solved

Is there a built in way in Active directory to force change admin password.?

Posted on 2008-10-29
9
257 Views
Last Modified: 2012-05-05
Hi,

Is there a built in way in Active directory to force change admin password.?
Local Admin
Windows 2003 ADS

Regards
Sharath
0
Comment
Question by:bsharath
  • 5
  • 3
9 Comments
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22831502
No, Its not possible.....you have to do it manually.
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22831518
You can create a gp to force change password,move admin account to a OU and link the policy in that OU...... but i have not tried this and i willl never suggest this for default Administrator account
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22831538
Why do you actually need this ? any specifc reasons ?
0
 
LVL 11

Author Comment

by:bsharath
ID: 22831869
So the password is not know to all. As the current local Admin password is known to all now.
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22832763
oh..wait a minute.....

Do you want to change the AD administrator password or the local administrator on the machines connected to the Domain?

If you want to change the local admin password on all the workstations, it is doable with scripts...
0
 
LVL 18

Accepted Solution

by:
sk_raja_raja earned 400 total points
ID: 22832797
1.Change Local Administrator Passwords [ChgPassword.hta] is a hyper text application (HTA) that will assist you in automatically changing the password on the local administrator account on multiple machines at one time. It is very easy to use, you simply double-click the ChgPassword.hta file to start the application. Next...

    * Enter the NEW admin password
    * Select the target domain (from drop down list)
    * Select the target machines by choosing their parent OU (drop down list)
    * Click the [Change Password] button

< http://www.scriptingpod.com/localadmin.asp >

2.Ref this posts for "how to change local admin on workstations"
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_23111276.html
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_23111276.html
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_23111276.html
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_23111276.html
http://www.experts-exchange.com/Programming/Languages/Scripting/Shell/Batch/Q_23568766.html
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_22980901.html

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_22662474.html
0
 
LVL 1

Assisted Solution

by:gfunk9132
gfunk9132 earned 100 total points
ID: 22833715
Sharath,

Working in healthcare we do this on a quarterly basis.  We simply use a start up script for the GPO holding all of the workstations and have a report written to a secured network share that the Domain Computers security group has access to.  See batch file example below - in the example our renamed local admin account is called JEFFATHER:


net user JEFFATHER $$7899Irr# > \\DOMAIN.LOCAL\NETLOGON\ITRPTS\%COMPUTERNAME%.TXT

The output is a changed password and a confirmation to us Admins that in the netlogon share in our IT reports folder a text file named after the computer and the end result which is "The command completed successfully"  
0
 
LVL 11

Author Comment

by:bsharath
ID: 22840848
Thank U
0
 
LVL 11

Author Comment

by:bsharath
ID: 22843550
Congrats on your new Certificate...you earned :-))
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now