Script for renaming and changing PWD on Local Admin Account

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi All,
We are running w2k and xp clients on an NT4 domain. I would like to be able
to run a script that will remotely change the local Administrator account and
password on the 2k/XP clients. My thought is a script that would read a txt
file of computer names and provide an error log.

Any help would be appreciated.
2 answers Last reply
More about script renaming changing local admin account
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    I've written such a script. We are running with XP clients on a Windows
    2003 domain, but I don't think that should be a problem. You will have
    to change admin1 and admin2 to the names of your local administrator
    accounts. If you only have one administrator account on each machine,
    you can simplify the script. By the way, I found lots of sample scripts
    out there from which I built this script; I don't deserve much credit.

    Sandy

    ==========================================================================

    '// ChangeLocalPassword.vbs - script to change the password for local
    '// administrator accounts on each computer in
    '// the AD domain
    '// 05/04 (slm)
    '// 06/04 changed to change 2 accounts in one pass
    '//
    '// Usage: ChangeLocalPassword.vbs
    '//
    '// The script prompts the user for the passwords for the local
    '// administrator accounts. It uses a list of computers named
    '// PC_list.txt that should be in this directory. The logfile includes
    '// a list of computers on which the passwords were changed and those
    '// not changed. The NOTchanged.txt file is a list of machines on
    '// which the passwords were not changed. This can be used to run the
    '// script again and try on just those machines.

    Option Explicit

    On Error Resume Next
    Err.Clear

    '// Set constants.
    Const ForReading = 1
    Const ComputerList = "E:\Scripts\Admin Passwords\PC_list.txt"

    '// Define variables.
    Dim fso, inputFile, logFile, notChanged
    Dim accountName, admin1Password, admin2Password
    Dim strComputer, objUser, Changed

    '// This script must be run under an administrative account.
    WScript.Echo "STOP!! This script MUST be run as an administrator."

    '// Open the computer list file and create the log files.
    Set fso = CreateObject("Scripting.FileSystemObject")
    If (Not fso.FileExists(ComputerList)) Then
    WScript.Echo "Computer list file does not exist."
    WScript.Quit
    End If
    Set inputFile = fso.OpenTextFile(ComputerList, ForReading, False)
    Set logFile = fso.CreateTextFile("changed.log", vbTrue)
    Set notChanged = fso.CreateTextFile("NOTchanged.txt", vbTrue)

    '// Prompt the user for the new password for the account.
    admin1Password = GetPassword("admin1")
    admin2Password = GetPassword("admin2")

    '// Loop through the list of computers.
    Do While inputFile.AtEndOfStream <> True

    strComputer = inputFile.ReadLine

    Changed = vbFalse
    On Error Resume Next
    Set objUser = GetObject("WinNT://" & strComputer & "/admin1, user")
    If (Err.Number = 0) Then
    objUser.SetPassword admin1Password
    objUser.SetInfo
    If (Err.Number = 0) Then
    logFile.WriteLine("Password changed for admin1 on " & strComputer)
    Changed = vbTrue
    Else
    logFile.WriteLine("Could NOT set password for admin1 on " & _
    strComputer)
    notChanged.WriteLine(strComputer)
    End If
    Else
    logFile.WriteLine("Could NOT connect to " & strComputer & _
    " for admin1")
    notChanged.WriteLine(strComputer)
    End If
    Set objUser = Nothing

    If (Changed) Then ' admin1 successful, change admin2

    Changed = vbFalse
    On Error Resume Next
    Set objUser = GetObject("WinNT://" & strComputer & "/admin2, user")
    If (Err.Number = 0) Then
    objUser.SetPassword admin2Password
    objUser.SetInfo
    If (Err.Number = 0) Then
    logFile.WriteLine("Password changed for admin2 on " & _
    strComputer)
    Changed = vbTrue
    Else
    logFile.WriteLine("Could NOT set password for admin2 on " & _
    strComputer)
    notChanged.WriteLine(strComputer)
    End If
    Else
    logFile.WriteLine("Could NOT connect to " & strComputer & _
    " for admin2")
    notChanged.WriteLine(strComputer)
    End If
    Set objUser = Nothing
    End If

    Loop

    inputFile.Close
    logFile.Close
    notChanged.Close

    Set fso = Nothing
    Set inputFile = Nothing
    Set logFile = Nothing
    Set notChanged = Nothing

    WScript.Echo "Script done"
    wScript.Quit

    '//============================================================================
    '// Subroutines.

    Function GetPassword(accountName)
    Dim newPassword

    newPassword = InputBox("What do you want the new password to be for " &_
    accountName & "?")
    If (len(newPassword) < 8) Then
    MsgBox "The password you entered is too short" & vbCrLf & _
    "It is only " & len(newPassword) & " and it must be" & _
    vbCrLf & "at least 8 characters long."
    WScript.Quit
    End If
    GetPassword = newPassword

    End Function

    On 6/14/2005 4:07 PM lunarpc wrote:
    > Hi All,
    > We are running w2k and xp clients on an NT4 domain. I would like to be able
    > to run a script that will remotely change the local Administrator account and
    > password on the 2k/XP clients. My thought is a script that would read a txt
    > file of computer names and provide an error log.
    >
    > Any help would be appreciated.

    --
    Sandra L Miller
    Windows System Administrator
    Department of Computer Science
    University of Arizona

    "The opinions or statements expressed herein are my own and should not be
    taken as a position, opinion, or endorsement of the University of Arizona."
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Hi Sandra,
    Thanks for your help. The script worked like a charm!

    "Sandra L Miller" wrote:

    > I've written such a script. We are running with XP clients on a Windows
    > 2003 domain, but I don't think that should be a problem. You will have
    > to change admin1 and admin2 to the names of your local administrator
    > accounts. If you only have one administrator account on each machine,
    > you can simplify the script. By the way, I found lots of sample scripts
    > out there from which I built this script; I don't deserve much credit.
    >
    > Sandy
    >
    > ==========================================================================
    >
    > '// ChangeLocalPassword.vbs - script to change the password for local
    > '// administrator accounts on each computer in
    > '// the AD domain
    > '// 05/04 (slm)
    > '// 06/04 changed to change 2 accounts in one pass
    > '//
    > '// Usage: ChangeLocalPassword.vbs
    > '//
    > '// The script prompts the user for the passwords for the local
    > '// administrator accounts. It uses a list of computers named
    > '// PC_list.txt that should be in this directory. The logfile includes
    > '// a list of computers on which the passwords were changed and those
    > '// not changed. The NOTchanged.txt file is a list of machines on
    > '// which the passwords were not changed. This can be used to run the
    > '// script again and try on just those machines.
    >
    > Option Explicit
    >
    > On Error Resume Next
    > Err.Clear
    >
    > '// Set constants.
    > Const ForReading = 1
    > Const ComputerList = "E:\Scripts\Admin Passwords\PC_list.txt"
    >
    > '// Define variables.
    > Dim fso, inputFile, logFile, notChanged
    > Dim accountName, admin1Password, admin2Password
    > Dim strComputer, objUser, Changed
    >
    > '// This script must be run under an administrative account.
    > WScript.Echo "STOP!! This script MUST be run as an administrator."
    >
    > '// Open the computer list file and create the log files.
    > Set fso = CreateObject("Scripting.FileSystemObject")
    > If (Not fso.FileExists(ComputerList)) Then
    > WScript.Echo "Computer list file does not exist."
    > WScript.Quit
    > End If
    > Set inputFile = fso.OpenTextFile(ComputerList, ForReading, False)
    > Set logFile = fso.CreateTextFile("changed.log", vbTrue)
    > Set notChanged = fso.CreateTextFile("NOTchanged.txt", vbTrue)
    >
    > '// Prompt the user for the new password for the account.
    > admin1Password = GetPassword("admin1")
    > admin2Password = GetPassword("admin2")
    >
    > '// Loop through the list of computers.
    > Do While inputFile.AtEndOfStream <> True
    >
    > strComputer = inputFile.ReadLine
    >
    > Changed = vbFalse
    > On Error Resume Next
    > Set objUser = GetObject("WinNT://" & strComputer & "/admin1, user")
    > If (Err.Number = 0) Then
    > objUser.SetPassword admin1Password
    > objUser.SetInfo
    > If (Err.Number = 0) Then
    > logFile.WriteLine("Password changed for admin1 on " & strComputer)
    > Changed = vbTrue
    > Else
    > logFile.WriteLine("Could NOT set password for admin1 on " & _
    > strComputer)
    > notChanged.WriteLine(strComputer)
    > End If
    > Else
    > logFile.WriteLine("Could NOT connect to " & strComputer & _
    > " for admin1")
    > notChanged.WriteLine(strComputer)
    > End If
    > Set objUser = Nothing
    >
    > If (Changed) Then ' admin1 successful, change admin2
    >
    > Changed = vbFalse
    > On Error Resume Next
    > Set objUser = GetObject("WinNT://" & strComputer & "/admin2, user")
    > If (Err.Number = 0) Then
    > objUser.SetPassword admin2Password
    > objUser.SetInfo
    > If (Err.Number = 0) Then
    > logFile.WriteLine("Password changed for admin2 on " & _
    > strComputer)
    > Changed = vbTrue
    > Else
    > logFile.WriteLine("Could NOT set password for admin2 on " & _
    > strComputer)
    > notChanged.WriteLine(strComputer)
    > End If
    > Else
    > logFile.WriteLine("Could NOT connect to " & strComputer & _
    > " for admin2")
    > notChanged.WriteLine(strComputer)
    > End If
    > Set objUser = Nothing
    > End If
    >
    > Loop
    >
    > inputFile.Close
    > logFile.Close
    > notChanged.Close
    >
    > Set fso = Nothing
    > Set inputFile = Nothing
    > Set logFile = Nothing
    > Set notChanged = Nothing
    >
    > WScript.Echo "Script done"
    > wScript.Quit
    >
    > '//============================================================================
    > '// Subroutines.
    >
    > Function GetPassword(accountName)
    > Dim newPassword
    >
    > newPassword = InputBox("What do you want the new password to be for " &_
    > accountName & "?")
    > If (len(newPassword) < 8) Then
    > MsgBox "The password you entered is too short" & vbCrLf & _
    > "It is only " & len(newPassword) & " and it must be" & _
    > vbCrLf & "at least 8 characters long."
    > WScript.Quit
    > End If
    > GetPassword = newPassword
    >
    > End Function
    >
    > On 6/14/2005 4:07 PM lunarpc wrote:
    > > Hi All,
    > > We are running w2k and xp clients on an NT4 domain. I would like to be able
    > > to run a script that will remotely change the local Administrator account and
    > > password on the 2k/XP clients. My thought is a script that would read a txt
    > > file of computer names and provide an error log.
    > >
    > > Any help would be appreciated.
    >
    > --
    > Sandra L Miller
    > Windows System Administrator
    > Department of Computer Science
    > University of Arizona
    >
    > "The opinions or statements expressed herein are my own and should not be
    > taken as a position, opinion, or endorsement of the University of Arizona."
    >
Ask a new question

Read More

Security Microsoft Windows XP