So we were using a GPO to disable the existing local administrator on scoped servers then create a new local admin with password and add it to the local administrators group.
Since we created that GPO, Microsoft have released a security patch to stop the password being modified in any way so this method is no longer usable for us (https://support.microsoft.com/en-au/help/2962486/ms14-025-vulnerability-in-group-policy-preferences-could-allow-elevation-of-privilege-may-13,-2014)
I'm having a tuff time trying to find a method to recreate the steps I was actioning in the GPO without going down the path of paying for a solution and was wondering if I have missed something?
Windows server 2003, 2008, 2012 clients.
| +-- JDMils |