Change Local Admin Pwd?
-
@JasGot said in Change Local Admin Pwd?:
No RMM Software? like Screen Connect? (Can always push it via GPO Software Deployment and have full access)
Do you have WMIC access to those PCs?
Can you remote execute powershell?
Can you set logon scripts with GPO?
The above questions are more about asking if you have confirmed access, not whether your task will work. I can give you commands to do what you want through any of the above means, if you have access.
If the free utilities don't work, you may not have these items enabled:
Remote Admin Through Firewall (netsh firewall set service RemoteAdmin enable)
WMI (netsh firewall add portopening protocol=tcp port=135 name=DCOM_TCP135)Tell us a little more about how you plan to send commands to those PCs. I know you wanted GPO, but if that is not available, we'll have to find another way.
I've never met a windows PC that couldn't be made managable via remote commands, some are very trying, but all can be overcome.
I've tried another free gui tool and had more success, but I still received the dreaded 'RPC server is unavailble' error, which I'm guessing is due to the local windows firewall.
In answer to these:
Do you have WMIC access to those PCs?
? How can I find out?
Can you remote execute powershell?
I'm not sure, but I'm guessing on the W7 clients I can, but on the W10 clients possibly not.
Can you set logon scripts with GPO?
Yes.Thanks for any help.
-
I'd either deploy LAPS via GP or, if you have an RMM, deploy a script that performs this task.
-
@siringo said in Change Local Admin Pwd?:
Thanks for any help.
Do you know that your domain admin account can login?
Have you tried Intelliadmin?
-
@siringo said in Change Local Admin Pwd?:
? How can I find out?
Post the answer to this command from an elevated cmd prompt:
wmic /NODE:"servername or IP Address" /USER:"yourdomain\administrator" OS GET Name
It will prompt you for the password.
-
@JasGot said in Change Local Admin Pwd?:
@siringo said in Change Local Admin Pwd?:
Thanks for any help.
Do you know that your domain admin account can login?
Yep it can log onto/into all domain PCs.Have you tried Intelliadmin?
No. I do have Teamviewer though. -
@JasGot said in Change Local Admin Pwd?:
@siringo said in Change Local Admin Pwd?:
? How can I find out?
Post the answer to this command from an elevated cmd prompt:
wmic /NODE:"servername or IP Address" /USER:"yourdomain\administrator" OS GET Name
It will prompt you for the password.
I ran that on one of the remote PCs and yes it did prompt for a password. Was that what you were after?
-
@siringo : If you have teamviewer, why not run this from the command line backend?
net user adminUserName password
You only have approximately 20 computers so it shouldn't take more than a few minutes.
If you have to create a new admin account :
net user adminUserName password /add net localgroup adaministrators adminUserName /add
-
@siringo said in Change Local Admin Pwd?:
I ran that on one of the remote PCs and yes it did prompt for a password. Was that what you were after?
Did you give it the password? Did it correctly respond with the os?
-
@manxam said in Change Local Admin Pwd?:
@siringo : If you have teamviewer, why not run this from the command line backend?
net user adminUserName password
You only have approximately 20 computers so it shouldn't take more than a few minutes.
If you have to create a new admin account :
net user adminUserName password /add net localgroup adaministrators adminUserName /add
This will do it.
-
@manxam said in Change Local Admin Pwd?:
@siringo : If you have teamviewer, why not run this from the command line backend?
net user adminUserName password
You only have approximately 20 computers so it shouldn't take more than a few minutes.
If you have to create a new admin account :
net user adminUserName password /add net localgroup adaministrators adminUserName /add
Sorry, what's the command line backend? I'm running TV v10. AFAIK I have to log into each PC, run CMD type in the command and log off.
I was hoping for something a little less laborious.
-
@siringo said in Change Local Admin Pwd?:
Sorry, what's the command line backend?
If you are more familiar with GPO, set a STARTUP script (Not a logon script) (startup and shutdown scripts run with system privileges) to run those two commands: net user and net localgroup, then reboot (or wait for reboot) the PC.
-
Thanks for the help fellas, I'll throw some brain power behind it and see what I end up with.
-
@siringo said in Change Local Admin Pwd?:
I was hoping for something a little less laborious.
Most RMMs have the ability to run a command without logging into the GUI. I haven't used TV but just assumed that it would offer this as well. I could be wrong...
-
@manxam said in Change Local Admin Pwd?:
@siringo said in Change Local Admin Pwd?:
I was hoping for something a little less laborious.
Most RMMs have the ability to run a command without logging into the GUI. I haven't used TV but just assumed that it would offer this as well. I could be wrong...
AFAIK it doesn't, but it might. ScreenConnect, MeshCentral, Salt, etc. all do.
-
That's one of the most important features of tools like that. We use it as much as the remote screen access.
-
@scottalanmiller said in Change Local Admin Pwd?:
That's one of the most important features of tools like that. We use it as much as the remote screen access.
Agreed!
-
saltstack, best CM with windows support
-
@Emad-R said in Change Local Admin Pwd?:
saltstack, best CM with windows support
just spent 6 seconds looking at the web site, looks too complex for my needs. Too many big scarey buzzwords.
-
@siringo said in Change Local Admin Pwd?:
@Emad-R said in Change Local Admin Pwd?:
saltstack, best CM with windows support
just spent 6 seconds looking at the web site, looks too complex for my needs. Too many big scarey buzzwords.
https://www.mangolassi.it/topic/19681/creating-a-salt-master-on-fedora-30
-
@siringo said in Change Local Admin Pwd?:
@Emad-R said in Change Local Admin Pwd?:
saltstack, best CM with windows support
just spent 6 seconds looking at the web site, looks too complex for my needs. Too many big scarey buzzwords.
SS can do a lot. It can also be a simple way to run remote commands