This is a LAPs like solution for NAble RMM.
To use this script, configure your RMM monitoring template to run an automated task daily.
The script will:
- Step 1: Delete all admin accounts on the machine matching the scripts prefix. IE: Only delete accounts created by the script
- Step 2: Create a new local admin on the machine using the scripts prefix
- Account will not expire. If user is offline for extended period, the last admin account created and sent to RMM will still be available.
- Step 3: Send the username and password back to RMM
To view the username and password in RMM:
- Click on the workstation
- Click on the "Tasks"
- Locate the "Create admin account" script (or whatever you named) and click the "Output" for the script.
The script allows you to use a custom word list and special character list for the passwords. By using a word list and only certain special characters, you can easily communicate the temporary password over the phone if necessary.
When logging into a machine, you must prefix the username with a dot slash (EG: .\tadmin101) or the login may fail. This dot slash tells the login to use a local user account.
