Saw that. My mitigation is to use the GPO for a week then nuke it, as our standard builds show follow the new PW convention and the GPO is to just catch up the previously-built systems.
Thoughts? Dave From: Brian Desmond [mailto:[email protected]] Sent: Monday, January 16, 2012 12:38 PM To: NT System Admin Issues Subject: RE: Quarterly Admin password change Keep this in mind - http://blogs.technet.com/b/grouppolicy/archive/2008/08/04/passwords-in-group-policy-preferences.aspx. Thanks, Brian Desmond [email protected]<mailto:[email protected]> w - 312.625.1438 | c - 312.731.3132 From: David Lum [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Monday, January 16, 2012 8:04 AM To: NT System Admin Issues Subject: RE: Quarterly Admin password change +1 just did that myself via GPP. Our "local admin maintenance GPO" does two things: * Renames the local admin account. * Sets the password on the added-in local administrator account. Dave From: ed ziots [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Sunday, January 15, 2012 2:49 PM To: NT System Admin Issues Subject: RE: Quarterly Admin password change +1, that is pretty easy one. Also make sure you rename it to something else than "Administrator" and create a dummy admin account which is only a "Guest" and disabled, and audit its attempted use for audit and incident response purposes. Also can script it out with cusrmgr.exe from the Windows 2000 resource kit. Z Edward E. Ziots Senior Informational Security Engineer CISSP,Security +,Network+ > From: [email protected]<mailto:[email protected]> > To: > [email protected]<mailto:[email protected]> > Subject: RE: Quarterly Admin password change > Date: Sun, 15 Jan 2012 22:42:35 +0000 > > Easy to do with GPP or with a script. > > Regards, > > Michael B. Smith > Consultant and Exchange MVP > http://TheEssentialExchange.com > > -----Original Message----- > From: Juned Shaikh > [mailto:[email protected]]<mailto:[mailto:[email protected]]> > Sent: Sunday, January 15, 2012 5:16 PM > To: NT System Admin Issues > Subject: Quarterly Admin password change > > I am trying to identify how are you folks managing the security requirement > of changing Local admin password of all servers quarterly? > > Thanks in advance, > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to > [email protected]<mailto:[email protected]> > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
