UAC bitmask is 32. A normal user then gets UAC = 544.
Try doing a ldap query for
(&(objectClas=user)(useraccountcontrol=544))
You could then modify the attribute to 512 on these
users either with adsiedit or in a nice tool such as
ADModify.net.
Note: if the option password not required i
Why not use certificates or rsa for admin accounts?
IF you have a pki environment that would be my suggestion. Then only
then default administrator account would be insecure. But that can be
mitigated with very long password.
An other option is to put admin accounts in a separate child or top
doma