I have deployed an Active Directory in a small company. Each and every user is trusted with local admin privileges on his computer with his domain account.
However, in case the users can't log on to their computer, I need to have local Admin accounts enabled and with a password. Trouble is, because password change via GPOs has been removed I can't use it to change admin password.
This removal is due to a security flaw, which is irrelevant because users are local admins.
What I need is an easy way to activate and change builtin admin accounts' password, via GPO, without the trouble of a two-pages long script (I know there's one). The password should be the same for everyone and never change.
Best Answer
Add this a logon script select Powershell, remember administrator account remains disabled we need to active it added at last line of script.