blank local passwords

Is there a GPO in server 2008 that I can use to remove any LOCAL user accounts with blank passwords or at a minimum give that account a password??


Please advise
Rbbedz1Asked:
Who is Participating?
 
Rich WeisslerConnect With a Mentor Professional Troublemaker^h^h^h^h^hshooterCommented:
You can very easily limit local accounts with blank passwords so that they can only log in at the console... no network access.  Does that help?

Otherwise, I think could probably define a startup script to find local accounts with blank passwords, and disable them.
0
 
McKnifeCommented:
That script would do. But if we think of lazy local admins that simply re-enable the account and leave the password blank, you should add a password policy to your domain (which effectively works for local accounts, too). Then you could use another neat function that sets at least an 8-char-random password. You would apply that command to the usernames you found.
net user username /random

There are also powershell scripts that can set long random passwords, I could provide one if you need.
0
 
Rbbedz1Author Commented:
I already have the limit local accounts with blank passwords so that they can only log in at the console... enabled
and I have a domain acct password policy in effect

What I was hoping to do was search for local accounts that have been setup and possibly with blank password.  I want to make sure that there are no local accts with blank passwords and change if there is

if you can send the ps script with instructions on how to run/use that would be greatly appreciated.

rbbedz1
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Rbbedz1Author Commented:
tell me more about this "should add a password policy to your domain (which effectively works for local accounts, too). Then you could use another neat function that sets at least an 8-char-random password. You would apply that command to the usernames you found.
 net user username /random"


this sounds very intriguing..
0
 
McKnifeCommented:
"What I was hoping to do was search for local accounts that have been setup and possibly with blank password" - ...and that is exactly what Razmus provided. That script, did you try it?

Will come with more, soon.
0
 
McKnifeCommented:
0
All Courses

From novice to tech pro — start learning today.