Q

Can a non-administrator change the local administrator password on 50 workstations?

In this network security Ask the Expert Q&A our resident expert discusses if it's possible to use the login script to change the local admin password.

I need to change the local Administrator password on 50 computers and I want to do so using the logon script. I tried to use cryptpwd.exe, but you need administrator rights for it to work. Is there a way to make it work when the users log in to the network?
My initial reaction is to ask why a non-administrator is changing the local administrator password on 50 workstations. Generally, only administrators should know the local administrator account password. If that's the case, then you can use cryptpwd from any workstation in the domain to handle setting the local account passwords on the desired workstations.

Another issue that concerns me is I assume the script you want to run at log in would contain a cleartext version of the local administrator password. It's generally not good practice to have files containing this type of data reside on workstations for any length of time. If you need to distribute the script to multiple workstations, you should do so from a centralized workstation once and then remove the file yourself.

More Information

  • Identify proper provisioning procedures in this excerpt from Chapter 5 of The Definitive Guide to Security Management, by Dan Sullivan.
  • Learn how to manage password requests and resets, with this Ask the Expert Q&A.
This was first published in April 2006

Dig deeper on Web Authentication and Access Control

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close