Hi,
How to do this ? I have two propositions:
1) through GPO ( startup user or computer script )
2) through script run from server by administrator
Is any other possibility to do this ?
Best regards,
Marcin
Hi,
How to do this ? I have two propositions:
1) through GPO ( startup user or computer script )
2) through script run from server by administrator
Is any other possibility to do this ?
Best regards,
Marcin
Hello Marcin,
With Windows server 2008 Group policy preferences can do it also. Requires
at least Windows XP or higher OS with Client side extensions installed.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> Hi,
> How to do this ? I have two propositions:
> 1) through GPO ( startup user or computer script )
> 2) through script run from server by administrator
> Is any other possibility to do this ?
>
> Best regards,
> Marcin
There are third party apps out there that will do this for you. I would try
and avoid a local script (Login script) since the password could get
revealed. We wrote a script that will change all the remote servers local
admins. From a centralized machine.
If you Bing this you should be able to find scripts on the web as well.
Example below
http://articles.techrepublic.com.com...1-5198818.html
--
Paul Bergson
MVP - Directory Services
MCITP - Enterprise Administrator
MCTS, MCT, MCSE, MCSA, MCP, Security +, BS CSci
2008, Vista, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewGroups. This
posting is provided "AS IS" with no warranties and confers no rights.
"Marcin" <Marcin@discussions.microsoft.com> wrote in message
news:B824175D-F262-488B-AD5B-D432D9D786E8@microsoft.com...
> Hi,
> How to do this ? I have two propositions:
> 1) through GPO ( startup user or computer script )
> 2) through script run from server by administrator
>
> Is any other possibility to do this ?
>
> Best regards,
> Marcin
"Marcin" <Marcin@discussions.microsoft.com> wrote in message
news:B824175D-F262-488B-AD5B-D432D9D786E8@microsoft.com...
> Hi,
> How to do this ? I have two propositions:
> 1) through GPO ( startup user or computer script )
> 2) through script run from server by administrator
>
> Is any other possibility to do this ?
>
> Best regards,
> Marcin
I prefer the second option. The first option can reveal the password. Also,
with option 2 you know when the password has been changed on each computer.
And you don't need to wait for the computer to be started. I have an example
VBScript program I have used to change local administrator passwords in bulk
linked here:
http://www.rlmueller.net/Reset_Local..._Passwords.htm
This program maintains a "missed" computers text file. If there is no such
text file, the program attempts to reset the password for all computers in
the domain. You can start with a list of computer NetBIOS names to limit the
scope. If any computers cannot be contacted, they are added to a new
"missed" computer list. You can run the program repeatedly until the
"missed" computer list is empty.
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
> With Windows server 2008 Group policy preferences can do it also. Requires
> at least Windows XP or higher OS with Client side extensions installed.
Thank you for answer. Could you point any article how to use
ClientSideExtensions especially to set local admin password ?
Is it possible to use CSE in 2003 domain ( without any 2008 DC )?
Best regards,
Marcin
Hello Marcin,
Client side extensions must be installed on XP, so they are able to work
with Group policy preferences. In a pure Windows server 2003 domain you can't
use them. At least one Windows server 2008, member server is sufficient,
is needed.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>> With Windows server 2008 Group policy preferences can do it also.
>> Requires at least Windows XP or higher OS with Client side extensions
>> installed.
>>
> Thank you for answer. Could you point any article how to use
> ClientSideExtensions especially to set local admin password ?
>
> Is it possible to use CSE in 2003 domain ( without any 2008 DC )?
>
> Best regards,
> Marcin
First Thanks all for answer and scripts. I will use one of them.
Meinolf Weber [MVP-DS]
How to use Client Side Extensions with change password? Is it possible to
use it in 2003 enviroment ( DC are ona Windows 2003 but I have some Windows 7
in network )
Paul Bergson [MVP-DS]
Why don't you think that password could be revealed ? In GPO permissions
with that script I clean read and apply for authenticated users and add only
permissions to workstations. How user can get password ?
Best regards,
Marcin
People are smarter than you think. I just wouldn't trust it, but that is
me. Plus, you never know who has logged on or off on a machine and then you
start to have multiple passwords, if you run a remote script you can report
on who has or hasn't been changed much easier.
Your enterprise do as you see fit, but I would manage remotely.
--
Paul Bergson
MVP - Directory Services
MCITP - Enterprise Administrator
MCTS, MCT, MCSE, MCSA, MCP, Security +, BS CSci
2008, Vista, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewGroups. This
posting is provided "AS IS" with no warranties and confers no rights.
"Marcin" <Marcin@discussions.microsoft.com> wrote in message
news:B14A82FE-A831-43E8-8C41-A83B02B5F4F9@microsoft.com...
> First Thanks all for answer and scripts. I will use one of them.
>
> Meinolf Weber [MVP-DS]
> How to use Client Side Extensions with change password? Is it possible to
> use it in 2003 enviroment ( DC are ona Windows 2003 but I have some
> Windows 7
> in network )
>
> Paul Bergson [MVP-DS]
> Why don't you think that password could be revealed ? In GPO permissions
> with that script I clean read and apply for authenticated users and add
> only
> permissions to workstations. How user can get password ?
>
> Best regards,
> Marcin
Hello Marcin,
Client side extensions only cannot be used to change paswords , you must
them use together with the new windows OS version.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> First Thanks all for answer and scripts. I will use one of them.
>
> Meinolf Weber [MVP-DS] How to use Client Side Extensions with change
> password? Is it possible to use it in 2003 enviroment ( DC are ona
> Windows 2003 but I have some Windows 7 in network )
>
> Paul Bergson [MVP-DS]
> Why don't you think that password could be revealed ? In GPO
> permissions
> with that script I clean read and apply for authenticated users and
> add only
> permissions to workstations. How user can get password ?
> Best regards,
> Marcin
Posting Permissions
Reply With Quote
Bookmarks