Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Windows XP > Remotely Change XP Account Type

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

Remotely Change XP Account Type

Reply to Message Icon

Name: powlaz
Date: October 14, 2008 at 11:44:21 Pacific
OS: XP SP2/SP3
CPU/Ram: varies
Product: varies
Comment:

I've got 50+ XP computers on a Windows Server 2003 AD network that need the following changes:

1. All user accounts need to be changed from local Administrator to Limited.
2. One installation directory on all PCs needs to have an AD group added to its permissions and granted full rights
3. One registry key on all PCs (HKLM) needs to have the same AD group added to its permissions and granted full rights

I'd like to avoid doing this 1000 times. Some of the PCs have 10 active user accounts all with local Admin rights that need to be changed.

Is there a way to change every user account on every PC to a "Limited" account through a batch file or otherwise remotely?

Is there a way to change the permissions (add a group with full permissions) of the registry key and the directory remotely also?

Thanks for the help.

MJ



Sponsored Link
Ads by Google

Response Number 1
Name: jefro
Date: October 14, 2008 at 13:33:40 Pacific
Reply:

Think we are starting out wrong.

Might be better off deleting all local user accounts except one local admin who is not a user. All domain computers ought to authenticate domain users. Not sure there is a good reason to have local accounts.

"Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10


0

Response Number 2
Name: powlaz
Date: October 14, 2008 at 13:55:51 Pacific
Reply:

Let me clarify - our domain users are given local admin rights (local Administrator Group membership) on their computer, not local accounts. I need to remove them from the local Administrators group and put them in the Local Users Group (Restricted User rights)without having to sit down at every PC and change every user.


0

Response Number 3
Name: Jennifer SUMN
Date: October 14, 2008 at 14:33:11 Pacific
Reply:

Why do you want to give the local accounts? or are you saying you want them to only be members of the Domain Users Group?

You can remove users from the Local Admin Group by using a GPO. http://windowsitpro.com/article/art... tells you how. Or Google the phrase "gpo to remove users from administrator group"


"So won’t you give this man his wings
What a shame
To have to beg you to see
We’re not all the same
What a shame" - Shinedown


0

Response Number 4
Name: powlaz
Date: October 14, 2008 at 15:48:53 Pacific
Reply:

Jennifer - not sure I understand the first part of your reply. But the link to the GPO is a good start for accomplishing what I need to do. Thanks.

Any insights on changing file and registry permissions via a script, batch file, or otherwise remotely?


0

Sponsored Link
Ads by Google
Reply to Message Icon

Related Posts

See More



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Windows XP Forum Home


Sponsored links
Ads by Google


Results for: Remotely Change XP Account Type
How many account types in XP? www.computing.net/answers/windows-xp/how-many-account-types-in-xp/15950.html

xp account types www.computing.net/answers/windows-xp/xp-account-types/83529.html

Admin acc. changed to guest account www.computing.net/answers/windows-xp/admin-acc-changed-to-guest-account/167512.html