Just my $.02, I recommend this solution for local admin password management, AD integrated: https://code.msdn.microsoft.com/Solution-for-management-of-ae44e789
How-to guide here: http://blogs.technet.com/b/askpfeplat/archive/2014/05/19/how-to-automate-changing-the-local-administrator-password.aspx We ran into the situation where we could no longer modify the group policy assigned local passwords and this worked perfectly in place of it. Passwords are random and automatically changed and stored in AD in an attribute of the computer account. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Monday, January 26, 2015 8:48 AM To: [email protected] Subject: RE: [NTSysADM] Local password managment. Thanks for the information. That also makes it a non-starter for me and my clients. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Friday, January 23, 2015 6:51 PM To: [email protected] Subject: Re: [NTSysADM] Local password managment. After looking at the docs, this was developed on Linux, and probably performs best there. You can install it on Windows (and there are directions on how to do that), but that means installing Ruby and ancillary gems. While I personally/professionally have no problem with either option (Windows/Linux), it's not something that's going to go well in my environment, where anything non-commercial and non-standard Windows is frowned upon. Under different circumstances, I'd implement and test this immediatelly. I think the SANS solution could be much improved (usability is lacking for those who don't like command line interactions - it would be vastly improved if it were fronted with a web interface, and the passwords stored in a database), but it looks like the better alternative for $JOB at this point. (for reference: http://cyber-defense.sans.org/blog/2013/08/01/reset-local-administrator-password-automatically-with-a-different-password-across-the-enterprise) Kurt On Thu, Jan 22, 2015 at 8:11 AM, Kennedy, Jim <[email protected]> wrote: > New open source system to change and manage local passwords on desktops. > Written by one of my kids employee’s. > > > > https://www.trustedsec.com/january-2015/introducing-ships-centralized- > local-password-management-windows/ > > -- *** Pomp's SpamFilter identified this as CLEAN. Give feedback: *** This is SPAM: http://smtp.pompstire.com/ms?k=.7wVzSOwseCg *** More options: http://smtp.pompstire.com/md?k=.7wVzSOwseCg
