This is useful for organisation which are on Microsoft active directory(AD) domain controllers. One of the problem system administrator face is they are not able to change the local admin password of the desktops of the users.
There are two issue when local admin passwords are not changed regularly
- Organisation which have implemented some kind of GRC have to change the local admin passwords at least once a quarter/monthly. There is no straight forward method to do this.
- Some insider attackers may crack the hash of local admin and use this to install their own set of software, which can lead to data stealing/information compromise from the local network.