General discussion


Change local Admin password from AD

By rigmarol ·
I just had to let a trusted Tech go. He has the local admin password for all our workstations. We've locked his account out and he can't get into the building but he does have friends on the inside.

I need to change the local admin on all our domain PCs right away.

How can I do it without touching each and every PC?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to Change local Admin passwo ...

well the local admin account is for the machine not domain. you can telnet in if telnet is running on each workstation and change the account that way.

Collapse -

by p.j.hutchison In reply to Change local Admin passwo ...

You can change the admin password with a VBS script and run it on startup via GPO to change it to another password. I have a script if you want it.

Collapse -

by ewgny In reply to Change local Admin passwo ...

The script solution would be the best, If you want to do it through AD Users and Computers, right click each computer object and select manage
You also may want to consider adding a Domain Global group to the local administrators group on each workstation. This way in the future you can control who is a local administrator by adjusting the group membership of the domain group that you added to the local administrator group. The domain group can also be added to the local administrator group prior to imaging a workstation, so future deployed workstations will always include the dimain group

Collapse -

by djbrown62 In reply to Change local Admin passwo ...

There's a utility called CryptPwd.exe that can change the local admin password for a remote machine.

It can be downloaded here:

cryptpwd -m \\<machine_name> -P <new_Password>

You could set up a batch file to call this once for each machine.

You'll need to run this from an account that has admin rights to the target machine.

Collapse -

by hakoracle In reply to Change local Admin passwo ...

1st sen:
use scriptlogic advance feature to automate this....

if you are using xp/2k and use terminal services and set rights to acces each pc remotely and reset pwd


user remote admin soft for this

Related Discussions

Related Forums