karl
Tue Sep 12 07:50:09 CDT 2006
<gm> wrote in message news:%23b7YOfZ1GHA.3644@TK2MSFTNGP03.phx.gbl...
> Hello
>
> Is there any way to prevent (by policy or registry) a user of the
> Administrators Local Group (Windows 2000 Prof./XP) from changing the
> Administrator password?

Use Windows Auditing to monitor and detect when the password has been
changed.

http://securityadmin.info/faq.asp?auditing

You can use batch files with tools such as dumpel from www.sysinternals.com
or from the Windows Resource Kit [some of which is available for free
download from www.microsoft.com] to automate monitoring of the event logs
and alert you when a password has changed. [Note that Administrators have
the ability to clear event logs or run tools that delete certain entries
from them.] You could also use tools such as www.ipsentry.com which for
around $100 US will monitor and alert on changes in event logs.

--
kind regards,
Karl Levinson, CISSP, CCSA, MCSE [MS MVP]
--------------------------------
Microsoft Security FAQ:
http://securityadmin.info
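
The monitoring approach described in the reply above, as an added example that is not part of the original post: a script that scans an exported Security log for password events on a watched account (event IDs 627 and 628 on Windows 2000/XP) and for the log being cleared (event ID 517). The tab-separated column layout, the sample lines and the function name `find_alerts` are assumptions made for illustration, not the output format of any particular dump tool.

```python
import csv
import io

# Security-log event IDs used by Windows 2000/XP (require "Audit account
# management" to be enabled for 627/628 to be recorded).
PASSWORD_EVENTS = {
    627: "change password attempt",
    628: "user account password set",
}
LOG_CLEARED = 517  # "The audit log was cleared"

# Constructed sample export (tab-separated). Assumed column order:
# date, time, event ID, caller, computer, target account.
SAMPLE_EXPORT = (
    "9/11/2006\t08:01:12\t528\tjsmith\tWS01\t-\n"
    "9/11/2006\t08:14:40\t628\tjsmith\tWS01\tAdministrator\n"
    "9/11/2006\t08:15:02\t627\tjsmith\tWS01\tjsmith\n"
    "9/11/2006\t08:20:31\t517\tjsmith\tWS01\t-\n"
    "not a valid line\n"
)

def find_alerts(export_text, watched=("administrator",)):
    """Return alert strings for password events on watched accounts
    and for any clearing of the Security log."""
    watched = {name.lower() for name in watched}
    alerts = []
    for row in csv.reader(io.StringIO(export_text), delimiter="\t"):
        if len(row) < 6 or not row[2].strip().isdigit():
            continue  # skip malformed or header lines
        date, time, event_id, caller, computer, target = (
            field.strip() for field in row[:6])
        event_id = int(event_id)
        stamp = f"{date} {time} {computer}"
        if event_id in PASSWORD_EVENTS and target.lower() in watched:
            alerts.append(f"{stamp}: {PASSWORD_EVENTS[event_id]} on "
                          f"'{target}' by '{caller}' (event {event_id})")
        elif event_id == LOG_CLEARED:
            # A cleared log means earlier password events may be gone.
            alerts.append(f"{stamp}: Security log cleared by '{caller}' "
                          f"(event {LOG_CLEARED}); earlier events may be missing")
    return alerts

if __name__ == "__main__":
    for line in find_alerts(SAMPLE_EXPORT):
        print(line)
```

Because a local Administrator can clear the log, the export is best collected to another machine on a schedule so the 517 event and anything before it are already off the box.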