Change all my Local Admin passwords automatically...

Archived from groups: microsoft.public.win2000.security (More info?)

I need to know how to automatically change my local admin passwords.

I have AD 2000 enviornment. I'm afraid someone got ahold of my local admin
and now users will be able to configure their computers with run as.

Thanks.
4 answers Last reply
More about change local admin passwords automatically
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    http://support.microsoft.com/default.aspx?scid=kb;EN-US;272530 "How to Use
    the Cusrmgr.exe Tool to Change Administrator Account Password on Multiple
    Computers"


    "news.microsoft.com" <malic@nospam.houston.rr.com> wrote in message
    news:%23I5E6PyXEHA.1764@TK2MSFTNGP10.phx.gbl...
    >I need to know how to automatically change my local admin passwords.
    >
    > I have AD 2000 enviornment. I'm afraid someone got ahold of my local
    > admin
    > and now users will be able to configure their computers with run as.
    >
    > Thanks.
    >
    >
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    If you use the same local admin password on a group of computers use the
    "net user username newpassword" command in a batchfile that would be a
    "startup" script and would be applied at next reboot of the computers. After
    you configure the batch file, remove the users and everyone group from
    permissions to it and give it read/execute permissions for the domain
    computers group so that no one can navigate to the sysvol folder and read
    the new password. If you go that route, try to do it at the OU level where
    you could even move the computers to temporarily so that the local
    administrator password gets changed only for that group of computers. If
    servers are involved you need to change those passwords ASAP and can do it
    remotely through Computer Management/local users and groups but you also
    have to check the membership of the local administrators group in case some
    user created and administrator account for himself.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;322241


    You can also change user passwords remotely through the command line or in a
    batch file using a utility from SysInternals called pspasswd. See the link
    below for details. --- Steve

    http://www.sysinternals.com/ntw2k/freeware/pspasswd.shtml


    "news.microsoft.com" <malic@nospam.houston.rr.com> wrote in message
    news:#I5E6PyXEHA.1764@TK2MSFTNGP10.phx.gbl...
    > I need to know how to automatically change my local admin passwords.
    >
    > I have AD 2000 enviornment. I'm afraid someone got ahold of my local
    admin
    > and now users will be able to configure their computers with run as.
    >
    > Thanks.
    >
    >
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    You can use the command "net user username new password" in a batch file to
    run as a "startup" script for a group of computers in an Organizational Unit
    [where you could move them temporarily] if you use the same password. After
    you put that script in the startup folder be sure to remove permissions to
    that file for users and everyone and add domain computers so that users can
    not go to the sysvol share and read the new password. Of course you want to
    change passwords on any servers involved ASAP and check their local
    administrators group membership to make sure a user did not create an
    account for himsef. You can use Computer Management to change passwords on
    remote computers.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;322241

    You can also change the passwords of remote computers [assuming you are an
    admin on them] using the free pspasswd utility from SysInternals and can
    also do it in batch file or refer to a file with computer names. That way
    has the advantage of not having to wait for a reboot that would be needed
    for a startup script. See the link below for more details. --- Steve

    http://www.sysinternals.com/ntw2k/freeware/pspasswd.shtml

    "news.microsoft.com" <malic@nospam.houston.rr.com> wrote in message
    news:#I5E6PyXEHA.1764@TK2MSFTNGP10.phx.gbl...
    > I need to know how to automatically change my local admin passwords.
    >
    > I have AD 2000 enviornment. I'm afraid someone got ahold of my local
    admin
    > and now users will be able to configure their computers with run as.
    >
    > Thanks.
    >
    >
  4. Archived from groups: microsoft.public.win2000.security (More info?)

    You can use the command "net user username new password" in a batch file to
    run as a "startup" script for a group of computers in an Organizational Unit
    [where you could move them temporarily] if you use the same password. After
    you put that script in the startup folder be sure to remove permissions to
    that file for users and everyone and add domain computers so that users can
    not go to the sysvol share and read the new password. Of course you want to
    change passwords on any servers involved ASAP and check their local
    administrators group membership to make sure a user did not create an
    account for himsef. You can use Computer Management to change passwords on
    remote computers.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;322241

    You can also change the passwords of remote computers [assuming you are an
    admin on them] using the free pspasswd utility from SysInternals and can
    also do it in batch file or refer to a file with computer names. That way
    has the advantage of not having to wait for a reboot that would be needed
    for a startup script. See the link below for more details. --- Steve

    http://www.sysinternals.com/ntw2k/freeware/pspasswd.shtml

    "news.microsoft.com" <malic@nospam.houston.rr.com> wrote in message
    news:#I5E6PyXEHA.1764@TK2MSFTNGP10.phx.gbl...
    > I need to know how to automatically change my local admin passwords.
    >
    > I have AD 2000 enviornment. I'm afraid someone got ahold of my local
    admin
    > and now users will be able to configure their computers with run as.
    >
    > Thanks.
    >
    >
Ask a new question

Read More

Security Microsoft Windows