In many situations we need to reset the Local Administrator password and add Domain Admins to the Local Administrator group on a server or client machine without visiting each machines. If you don’t know the password and don’t have access to the severs, you can run this simple script as a Startup/Shutdown script (Computer Configuration->Windows Settings-> Scripts (Startup/Shutdown) in conjunction with Group Policy. Create batch file (.bat extension) using notepad and add the following commands:
Net User Administrator <your password>
Net Localgroup /Add “Administrators” “Domain Admins”
The first command changes the Administrator password to <your password>. The second command will add the Domain Admins group to the Local Administers group on the local machine. Add this batch file as either a Startup or Shutdown script. Leave it there for a while or enable the “force restart” of the servers. Have fun!
Santhosh Sivarajan is an Infrastructure and Security Architect in Houston, Texas. He is MCSE (W2K3/W2K/NT4), MCP+I, MCSA (W2K3/W2K/MSG) and CCNA certified. His expertise includes Active Directory, Exchange, Migrations, Microsoft Security, RMS, ISA Server, MOM, LCS etc.