Quote:
...
So the script would be encrypted with kixcrypt and then shared in the netlogon folder of our domain. (encrypted to protect the domain admin username/password)
....
Encrypted script will be decrypted when executed and stored locally as a regular kix script. Users can then read the contents and therefore the username and password are both readable to the user. Never, NEVER, NEVER, NEVER put an admin username and password in a script unless you want to get screwed by some user that found the password and is actually using it to do and get what he/she wants. I'd probably loose my job or at least get my CEO on my back asking me why the h#ll I shared an admin password with a regular user if this happened.
If you know the computers that cause problems (and if you don't find out) then you should create an admin script that deletes the registry keys remotely and (re)starts the service remotely. Much more secure, the users will never know you did something to the computer they are working on and you'll find them all in reporting to WSUS and getting updates.
_________________________
Mart
- Chuck Norris once sold ebay to ebay on ebay.
