Cusmgr has the capability to utilize a randomly generated password. We run a sript that will run through a list of computers and change the admin password on each one. This allows us to reset the Admin password without having it stored somewhere. We use domain accounts to perform any admin activities on the box. If something happens where we need to access the administrator account, we can change the password using a domain account that has admin rights on the box, or we use ERD commander to reset the admin password.
Denny > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Wednesday, August 25, 2004 3:39 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Local admin acct > > Get cusrmgr from the Support Tools (or is it Reskit). Put that in the > netlogon share of one of your DCs. > > Then create a batch file with the following: > @Echo off > %logonserver\netlogon\cusrmgr -u administrator -P thepassword > goto :EOF > > Now create (or edit) a GPO that assigns a machine Startup > Script and tell it > to use this batch file. > > > Sincerely, > > D�j� Ak�m�l�f�, MCSE MCSA MCP+I > Microsoft MVP - Directory Services > www.readymaids.com - we know IT > www.akomolafe.com > Do you now realize that Today is the Tomorrow you were worried about > Yesterday? -anon > > ________________________________ > > From: [EMAIL PROTECTED] on behalf of Mike Hogenauer > Sent: Wed 8/25/2004 11:54 AM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] Local admin acct > > > > Curious does anyone have a script that will change the local > admin password > on all computers in the domain or point me to a good location? > > > > Thank You > > > > Mike > > > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
