The new password that Brian scribbled down was easy to come up with. Now to get it applied to all of his workstations.
He sighs. Nothing like managing local admin accounts. It makes him appreciate Active Directory even more.
Brian likes his job, mostly. Today, however, seems to be an exception. While reviewing his installed software inventory reports, Brian discovers that a user has installed some unauthorized software. Looks like the local admin account password has gotten out.
Upon further digging he discovers that Randy in accounting has installed his home version of Adobe Acrobat. Brian cracks his knuckles and reaches for the Extra Strength Excedrin that he keeps on his cubicle shelf.
Randy has now exposed the company to two serious threats:
1. An application has been on its network that IT wasn’t aware of. Brian remembers that Adobe released a critical security patch a couple of months ago. (Thanks for leaving the back door open, Randy.)
2. They now have unlicensed software in their environment. This opens the company up to possible legal action. (The fines alone are higher than Brian’s entire IT budget.)
In short, it’s time to change the local admin password… again.
Brian opens Admin Arsenal, right-clicks on his “Online Workstations” collection, and selects Tools > Remote Command.
In four words he changes the local password on 175 workstations:
The net user command is deployed to all 175 of his workstations in less than two minutes. No users are interrupted.
With the easy part now done, Brian walks toward the office of Randy’s manager. Yep, sometimes he likes his job.
Note: It’s a good idea to rename your local admin account from default Administrator (but you already knew that).
Follow @admarsenal on Twitter for more tips and tricks!
Shawn is the co-founder of PDQ.