Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Change local admin password with GOP

Posted on 2013-12-18
5
Medium Priority
?
529 Views
Last Modified: 2013-12-30
I've been looking over lots of posts on this and can't seem to nail it down.

Got a single domain with 180 laptops for students. The local "Administrator" account is disabled and we use a local account called cityadmin to log in locally with local admin rights.

I want to set up a GPO that will change the local cityadmin password.

Using Windows 08 server R2 as DC and WIndows 7 64bit Enterprise as clients.

After creating a GPO, I go to Computer - Preferences - Control Panel - Local users and groups

I create a NEW policy that updates local user cityadmin with a new password.

I link this to the OU with my machines.

I use gpupdate /force on a laptop

However, the laptop will process the user policy, but will give an error that it can't process the computer policy.

If I remove the GPO from the OU, both user and computer process fine.

Should this work?  Or will I need to go to scripting?

Thanks!
0
Comment
Question by:ejcrist
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39727539
I followed this little guide for using GPP:  http://social.technet.microsoft.com/Forums/windowsserver/en-US/b1e94909-bb0b-4e10-83a0-cd7812dfe073/change-local-administrator-password-thru-gpo?forum=winserverGP

Otherwise you can create a login script to do this which is in the link above or use this simple script:

net user administrator "local admin password"
0
 

Author Comment

by:ejcrist
ID: 39727627
Yeah, I have that exact link and followed the GPP settings.  I'd rather use GPP than a script if I can.
0
 
LVL 22

Expert Comment

by:Nick Rhode
ID: 39727675
What you can try (since they are laptops).  Do a direct connect and try it.  What might be happening is when the gpo is pulled the system is not technically connected and logging in using cached credentials.  Then it connects to wireless so gpo would not get pulled on startup.
0
 

Author Comment

by:ejcrist
ID: 39727682
Yep, already tried that.  Still get an error when trying to apply only the Computer preference.

The user policy applies successfully.

When I disable the preference on the server, then perform another gpupdate BOTH user and computer apply successfully.
0
 
LVL 1

Accepted Solution

by:
prashantpathak earned 2000 total points
ID: 39745965
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question