Educause Security Discussion mailing list archives
Re: Local Administrator password change for many computers
From: Jason Gates <jasongates () SOUTHERN EDU>
Date: Sun, 7 Oct 2012 16:10:19 +0000
I was concerned about how GPP stores the credentials. From what I read, any authenticated user could read SYSVOL, and the key used to encrypt the password is easily attainable. sources: http://blogs.technet.com/b/grouppolicy/archive/2008/08/04/passwords-in-group-policy-preferences.aspx http://esec-pentest.sogeti.com/exploiting-windows-2008-group-policy-preferences -- Jason Gates IT Security Consultant Southern Adventist University ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of George Chiorescu-Petre [George.Chiorescu () PROVISION RO] Sent: Sunday, October 07, 2012 11:16 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Local Administrator password change for many computers Why aren't you using group policy? I saw you looked into it. George ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of H Morrow Long [morrow.long () YALE EDU] Sent: Friday, October 05, 2012 8:20 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Local Administrator password change for many computers There are a number of commercial vendor solutions of SAPM (Gartner term – Secure Administrator Password Management) packages to track, set, reset and invalidate local administrator and 'service' accounts across servers : Cyber-Ark Lieberman Symark (PowerKeeper) CA Etc… From: Jason Gates <jasongates () SOUTHERN EDU<mailto:jasongates () SOUTHERN EDU>> Reply-To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Friday, October 5, 2012 12:20 PM To: EDUCAUSE Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: [SECURITY] Local Administrator password change for many computers Has anyone come across a good method for changing local administrator passwords on many computers? I've looked into: pspasswd from sysinternals group policy preferences SCCM scripts I'm not impressed with how GPP obfuscates the password, scripts are insecure(?) and pspasswd is not very ellegant since it requires the computer to be alive at the time its run. Any other ideas? -- Jason Gates IT Security Consultant Southern Adventist University
Current thread:
- Local Administrator password change for many computers Jason Gates (Oct 05)
- Re: Local Administrator password change for many computers H Morrow Long (Oct 05)
- Re: Local Administrator password change for many computers George Chiorescu-Petre (Oct 07)
- Re: Local Administrator password change for many computers Jason Gates (Oct 07)
- Re: Local Administrator password change for many computers George Chiorescu-Petre (Oct 07)
- Re: Local Administrator password change for many computers Eric Case (Oct 08)
- Re: Local Administrator password change for many computers H Morrow Long (Oct 05)