We will use Group Policy Preferences to set password on local user account

• Click Start – All programs – Administrative Tools – Group Policy Management.
• Create or Edit Group Policy Objects.
• Expand Computer Configuration – Preferences – Control Panel Settings.
• Right-click Local Users and Groups – New – Local User.
• Ensure the Action is Update and enter the new password.
• If this is a one-time change (not permanent):
  • Go to the Common tab and check the box for “Apply once and do not reapply“.
• If the change should be permanent: The defaults are correct.

Here is an image of what the policy should look like before applying it:

Note: By default, all Group Policy updates are applied on a 90-minute timer. To apply the update instantly, run a gpupdate /force on the machine to be affected.

Action选择Update，User Name选择Administrator（built-in），输入密码以及确认密码（当密码输入框为灰色时是由于http://support.microsoft.com/kb/2962486 该微软安全补丁导致，卸载该补丁后OK！）

If you want to change this 90-minute policy refresh time for all machines:

• Expand Computer Configuration – Administrative Templates –System – Group policy
• Enable Group policy refresh interval for computers and set any time you want (Recommended 5 – 10 min)

Note: There has been a Common Vulnerability and Exposure number CVE-2014-1812   released for this feature.

With that in mind Microsoft has released a fix, to PREVENT the use of passwords within Group Policy Preferences.

https://technet.microsoft.com/library/security/ms14-025  

This article was originally posted at  http://mabdelhamid.wordpress.com/2011/09/12/how-to-change-local-administrator-password-with-group-policy/