sara2000
asked on
Enable local admin account
We have about 300 Windows servers. The local administrator account is disabled. I would like to enable the to rest the password.
Is there any ps script which you can share with me to enable the administrator account?
Is there any ps script which you can share with me to enable the administrator account?
ASKER
I just want to enable the local admin , I have a third party solution to reset the password, unfortunately it will not enable the disabled account.
Then use GPO for this.
If you prefer enable local admin account with a command line, there is an option:
If you prefer enable local admin account with a command line, there is an option:
net user administrator /active:yes
what is the nature of the disabled account? why not create/add a new one and manage it.
https://www.experts-exchange.com/articles/31583/Active-Directory-Securely-Set-Local-Account-Passwords.html
https://www.experts-exchange.com/articles/31583/Active-Directory-Securely-Set-Local-Account-Passwords.html
ASKER
Thank you all, my question is how to enable a local account using PS script for a few computers?
Something like
Get-ADComputer -Filter { (ObjectClass -eq "Computer")
then output the result in a txt file and enable the admin account one at a time.
Something like
Get-ADComputer -Filter { (ObjectClass -eq "Computer")
then output the result in a txt file and enable the admin account one at a time.
See if the following helps, reads data from text file
https://gallery.technet.microsoft.com/scriptcenter/List-of-Users-from-Remote-66def6c2
https://gallery.technet.microsoft.com/scriptcenter/List-of-Users-from-Remote-66def6c2
GPO will do the job.
Create a new GPO and go to: Computer configuration -> Policies -> Windows Settings -> Security Settings -> Security Options. On Right Pane click on Accounts: Administrator account status and change the settings to Enabled. Apply the policy to all desired computers.
If you want a script, deploy the startup script with GPO that contains:
Create a new GPO and go to: Computer configuration -> Policies -> Windows Settings -> Security Settings -> Security Options. On Right Pane click on Accounts: Administrator account status and change the settings to Enabled. Apply the policy to all desired computers.
If you want a script, deploy the startup script with GPO that contains:
net user administrator /active:yesASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://tompopov.blogspot.com/2011/03/enable-windows-7-administrator-account.html
Or you can try Local Administrator Password Solution (LAPS) by Microsoft:
https://www.microsoft.com/en-us/download/details.aspx?id=46899
Alternative 3rd party solution:
Netwrix Bulk Password Reset
https://www.netwrix.com/local_admin_bulk_password_reset_freeware.html
https://community.spiceworks.com/topic/530062-changing-the-local-admin-passwords-across-the-network
I like the last one. It seems to be really simple to use.