Actually useful Administrator tool request

%3CLINGO-SUB%20id%3D%22lingo-sub-166879%22%20slang%3D%22en-US%22%3EActually%20useful%20Administrator%20tool%20request%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-166879%22%20slang%3D%22en-US%22%3E%3CP%3EI%20would%20like%20to%20see%20a%20way%20for%20Administrators%20to%20log%20into%20a%20user's%20account%20on%20their%20desktop%20to%20help%20configure%20profiles%20or%20troubleshoot%20issues%20without%20needing%20to%20reset%20or%20utilize%20their%20password.%26nbsp%3B%20A%20sort%20of%20admin%20over-ride%20for%20a%20user%20account%20to%20proxy%20the%20user%20account.%26nbsp%3B%20It%20Could%20be%20formatted%20in%20the%20username%20box%20like%20this%3A%3C%2FP%3E%0A%3CP%3EUsername%3A%20DOMAIN%5CAdministrator%5Cproxyusername%3C%2FP%3E%0A%3CP%3EPassword%3A%20AdminPassword%3C%2FP%3E%0A%3CP%3EThis%20would%20be%20helpful%20for%20providing%20assistance.%26nbsp%3B%20If%20privacy%20or%20audit%20is%20a%20concern%20Microsoft%20can%20have%20the%20system%20generate%20a%20pop-up%20message%20that%20the%20user%20sees%20the%20next%20time%20the%20account%20is%20logged%20into%20by%20the%20actual%20user%20not%20the%20proxy%20admin.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThere%20have%20been%20a%20number%20of%20times%20where%20I%20have%20had%20to%20do%20support%20for%20a%20user%20and%20don't%20have%20their%20password%20and%20end%20up%20having%20to%20reset%20it%20and%20waste%20a%20perfectly%20good%20password%20that%20can%20then%20no%20longer%20be%20used%20for%20X%20amount%20of%20passwords%20because%20of%20our%20regulatory%20requirements%20where%20a%20simple%20fix%20could%20have%20been%20implemented%20without%20the%20need%20for%20resetting%20the%20password.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-167145%22%20slang%3D%22en-US%22%3ERe%3A%20Actually%20useful%20Administrator%20tool%20request%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-167145%22%20slang%3D%22en-US%22%3E%3CP%3EAlex%2C%20by%20implementing%20LAPS%20you%20will%20have%20a%20random%20password%20for%20each%20client%20(you%20might%20already%20have%20this).%20You%20could%20then%20retrieve%20the%20password%20for%20LAPS%2C%20use%20it%20for%20elevating%20on%20the%20users%20computer%20and%20then%20force%20the%20computer%20to%20reset%20the%20password%20on%20next%20Group%20Policy%20update.%3C%2FP%3E%0A%3CP%3EIf%20you%20haven't%20already%20I%20would%20recommend%20looking%20into%20it%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fmt227395.aspx%26nbsp%3B%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Ftechnet.microsoft.com%2Fen-us%2Fmt227395.aspx%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

I would like to see a way for Administrators to log into a user's account on their desktop to help configure profiles or troubleshoot issues without needing to reset or utilize their password.  A sort of admin over-ride for a user account to proxy the user account.  It Could be formatted in the username box like this:

Username: DOMAIN\Administrator\proxyusername

Password: AdminPassword

This would be helpful for providing assistance.  If privacy or audit is a concern Microsoft can have the system generate a pop-up message that the user sees the next time the account is logged into by the actual user not the proxy admin.  

There have been a number of times where I have had to do support for a user and don't have their password and end up having to reset it and waste a perfectly good password that can then no longer be used for X amount of passwords because of our regulatory requirements where a simple fix could have been implemented without the need for resetting the password.

1 Reply
Highlighted

Alex, by implementing LAPS you will have a random password for each client (you might already have this). You could then retrieve the password for LAPS, use it for elevating on the users computer and then force the computer to reset the password on next Group Policy update.

If you haven't already I would recommend looking into it: https://technet.microsoft.com/en-us/mt227395.aspx