Solved

Change local admin password with GOP

Posted on 2013-12-18
5
512 Views
Last Modified: 2013-12-30
I've been looking over lots of posts on this and can't seem to nail it down.

Got a single domain with 180 laptops for students. The local "Administrator" account is disabled and we use a local account called cityadmin to log in locally with local admin rights.

I want to set up a GPO that will change the local cityadmin password.

Using Windows 08 server R2 as DC and WIndows 7 64bit Enterprise as clients.

After creating a GPO, I go to Computer - Preferences - Control Panel - Local users and groups

I create a NEW policy that updates local user cityadmin with a new password.

I link this to the OU with my machines.

I use gpupdate /force on a laptop

However, the laptop will process the user policy, but will give an error that it can't process the computer policy.

If I remove the GPO from the OU, both user and computer process fine.

Should this work?  Or will I need to go to scripting?

Thanks!
0
Comment
Question by:ejcrist
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39727539
I followed this little guide for using GPP:  http://social.technet.microsoft.com/Forums/windowsserver/en-US/b1e94909-bb0b-4e10-83a0-cd7812dfe073/change-local-administrator-password-thru-gpo?forum=winserverGP

Otherwise you can create a login script to do this which is in the link above or use this simple script:

net user administrator "local admin password"
0
 

Author Comment

by:ejcrist
ID: 39727627
Yeah, I have that exact link and followed the GPP settings.  I'd rather use GPP than a script if I can.
0
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39727675
What you can try (since they are laptops).  Do a direct connect and try it.  What might be happening is when the gpo is pulled the system is not technically connected and logging in using cached credentials.  Then it connects to wireless so gpo would not get pulled on startup.
0
 

Author Comment

by:ejcrist
ID: 39727682
Yep, already tried that.  Still get an error when trying to apply only the Computer preference.

The user policy applies successfully.

When I disable the preference on the server, then perform another gpupdate BOTH user and computer apply successfully.
0
 
LVL 1

Accepted Solution

by:
prashantpathak earned 500 total points
ID: 39745965
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question