Avatar of sara2000
sara2000
 asked on

Enable local admin account

We have about 300 Windows servers. The local administrator account is disabled. I would like to enable the to rest the password.
Is there any ps script which you can share with me to enable the administrator account?
Windows OSActive DirectoryREST

Avatar of undefined
Last Comment
Bastiaan

8/22/2022 - Mon
Hello There

You should be able to use GPO for this.
http://tompopov.blogspot.com/2011/03/enable-windows-7-administrator-account.html

Or you can try Local Administrator Password Solution (LAPS) by Microsoft:
https://www.microsoft.com/en-us/download/details.aspx?id=46899

Alternative 3rd party solution:
Netwrix Bulk Password Reset
https://www.netwrix.com/local_admin_bulk_password_reset_freeware.html

https://community.spiceworks.com/topic/530062-changing-the-local-admin-passwords-across-the-network

I like the last one. It seems to be really simple to use.
sara2000

ASKER
I just want to enable the local admin , I have a third party solution to reset the password, unfortunately it will not enable the disabled account.
Hello There

Then use GPO for this.

If you prefer enable local admin account with a command line, there is an option:
net user administrator /active:yes

Open in new window

Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
arnold

what is the nature of the disabled account? why not create/add a new one and manage it.
https://www.experts-exchange.com/articles/31583/Active-Directory-Securely-Set-Local-Account-Passwords.html
sara2000

ASKER
Thank you all, my question is how to enable a local account using PS script for a few computers?
Something like
Get-ADComputer -Filter { (ObjectClass -eq "Computer")
then output the result in a txt file and enable the admin account one at a time.
arnold

⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Hello There

GPO will do the job.

Create a new GPO and go to: Computer configuration -> Policies -> Windows Settings -> Security Settings -> Security Options. On Right Pane click on Accounts: Administrator account status and change the settings to Enabled. Apply the policy to all desired computers.

If you want a script, deploy the startup script with GPO that contains:
net user administrator /active:yes

Open in new window

ASKER CERTIFIED SOLUTION
Bastiaan

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.