Local Account Management
The Local Account Management profile object provides the ability to manage the local built-in user accounts on client workstations. The local user accounts that can be managed are the Administrator and Guest local accounts. You can change the name of the account, change the password of the account, and disable either of these accounts. You can also remove local user profiles that have not been used for a specified period of time.
The Local Account Management profile object also provides the ability to manage local built-in groups on client workstations. It allows these built-in groups to be managed by adding and/or removing domain and local user and domain groups.
Users
Options for Built-in Users
Built-in User Account Name
Select a built-in user account from the drop down list. This is the account that the following options apply to.
Disable this account
Select this check box, 
The default setting is to preserve the built-in account's current setting.
Account Settings
Change existing name
Select this option to change the name of the selected Built-in User Account.
Change existing password
Select this option to change the password of the selected Built-in User Account. Password strength is based on a level of 1 (weakest) to 5 (strongest). Take into account the following password guidelines for a strong password:
- Contains at least one lower case character
- Contains at least one upper case character
- Contains at least one numerical character
- Contains at least one special character
- Has at least 12 characters with no character repetition
Options for User profiles
Remove any Domain User Profiles not used in the last XX day(s)
User profiles are created and saved on the local workstation for every user that logs in. Select this option to remove any user profiles from the local computer when they have not been accessed (user has not logged in) for a certain amount of days. This can be any value from 30 and above. A profile will be removed only if it is stored on the local machine. Only domain user profiles will be removed. If any part of a profile is stored externally (outside of the profiles folder directory) will not be removed; this includes Roaming user profiles and Mandatory user profiles. The default value is 30 days.
Groups
Options for Built-in Groups
Select a built-in group to manage. Accounts may be added to or removed from this selected group.
Accounts to add or remove
Domain Accounts
From the drop down selection, choose either Add Domain Accounts or Remove Domain Accounts. From the popup resource browser, select one or more Domain Users, Domain Groups or Domain Computers to manage in the selected built-in group. Both of these selections will add an account to the Account list, each with the selected action, Add or Remove.
The Account list will show the desired Action (Add/Remove), Account Type (Domain/Local), Name (Domain/User Name), and Status. The status will confirm the users' or groups' SID was resolved or not. If the status is "Failed", it was not found (in Active Directory) and will not be able to be added to the built-in group. If the status is "Resolved", it was found (in Active Directory) in the Users/Groups SID and can be used.
To the right of each account in the Account list there will be an Edit link. Click the Edit link to modify the Action type. To remove one or more entries from the list, select each one and then click the Remove button.
Local Accounts
From the drop down selection, choose either Add Local User Accounts or Remove Local User Accounts. In the Account list, select the appropriate action and enter the local user name into the entry provided. Local accounts do not get resolved for a SID, therefore no status will be given in the status column. To the right of each account in the Account list there will be Edit and Remove options. Click the Edit link to modify the Action type. Click Remove to delete the account from the Account list.
Remove any domain users or domain groups from the local administrators group on the client that are not defined here
This setting is only available when the Administrators (built-in) group is the selected Built-in group list. It will be disabled for all other selected groups.
Select this option to remove all domain users and/or domain groups from the built-in local Administrators group unless the user or group is defined in the Account list.
Timing
Select the Timing tab to configure when this element will be executed. Computer Management objects can execute at computer Startup, Shutdown, defined Refresh intervals or based on customized Schedules.
Validation Logic
Select the Validation Logic tab to set the validation rules for this element.
Notes
Select the Notes tab to create any additional notes needed to document the profile element.
Description
When adding or modifying a profile object element, the description appears above the settings tab. Enter a description to annotate the element. The default value for new profile elements can be changed by going to the system Preferences.
*This feature is not a standard part of Desktop Authority Essentials. To obtain this feature, Desktop Authority Essentials must be upgraded to the full version of Desktop Authority.