Sign in with
Sign up | Sign in
Your question

Script for renaming and changing PWD on Local Admin Account

Last response: in Windows XP
Share
Anonymous
a b 8 Security
June 14, 2005 8:07:03 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi All,
We are running w2k and xp clients on an NT4 domain. I would like to be able
to run a script that will remotely change the local Administrator account and
password on the 2k/XP clients. My thought is a script that would read a txt
file of computer names and provide an error log.

Any help would be appreciated.
Anonymous
a b 8 Security
June 16, 2005 9:06:19 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I've written such a script. We are running with XP clients on a Windows
2003 domain, but I don't think that should be a problem. You will have
to change admin1 and admin2 to the names of your local administrator
accounts. If you only have one administrator account on each machine,
you can simplify the script. By the way, I found lots of sample scripts
out there from which I built this script; I don't deserve much credit.

Sandy

==========================================================================

'// ChangeLocalPassword.vbs - script to change the password for local
'// administrator accounts on each computer in
'// the AD domain
'// 05/04 (slm)
'// 06/04 changed to change 2 accounts in one pass
'//
'// Usage: ChangeLocalPassword.vbs
'//
'// The script prompts the user for the passwords for the local
'// administrator accounts. It uses a list of computers named
'// PC_list.txt that should be in this directory. The logfile includes
'// a list of computers on which the passwords were changed and those
'// not changed. The NOTchanged.txt file is a list of machines on
'// which the passwords were not changed. This can be used to run the
'// script again and try on just those machines.

Option Explicit

On Error Resume Next
Err.Clear

'// Set constants.
Const ForReading = 1
Const ComputerList = "E:\Scripts\Admin Passwords\PC_list.txt"

'// Define variables.
Dim fso, inputFile, logFile, notChanged
Dim accountName, admin1Password, admin2Password
Dim strComputer, objUser, Changed

'// This script must be run under an administrative account.
WScript.Echo "STOP!! This script MUST be run as an administrator."

'// Open the computer list file and create the log files.
Set fso = CreateObject("Scripting.FileSystemObject")
If (Not fso.FileExists(ComputerList)) Then
WScript.Echo "Computer list file does not exist."
WScript.Quit
End If
Set inputFile = fso.OpenTextFile(ComputerList, ForReading, False)
Set logFile = fso.CreateTextFile("changed.log", vbTrue)
Set notChanged = fso.CreateTextFile("NOTchanged.txt", vbTrue)

'// Prompt the user for the new password for the account.
admin1Password = GetPassword("admin1")
admin2Password = GetPassword("admin2")

'// Loop through the list of computers.
Do While inputFile.AtEndOfStream <> True

strComputer = inputFile.ReadLine

Changed = vbFalse
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/admin1, user")
If (Err.Number = 0) Then
objUser.SetPassword admin1Password
objUser.SetInfo
If (Err.Number = 0) Then
logFile.WriteLine("Password changed for admin1 on " & strComputer)
Changed = vbTrue
Else
logFile.WriteLine("Could NOT set password for admin1 on " & _
strComputer)
notChanged.WriteLine(strComputer)
End If
Else
logFile.WriteLine("Could NOT connect to " & strComputer & _
" for admin1")
notChanged.WriteLine(strComputer)
End If
Set objUser = Nothing

If (Changed) Then ' admin1 successful, change admin2

Changed = vbFalse
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/admin2, user")
If (Err.Number = 0) Then
objUser.SetPassword admin2Password
objUser.SetInfo
If (Err.Number = 0) Then
logFile.WriteLine("Password changed for admin2 on " & _
strComputer)
Changed = vbTrue
Else
logFile.WriteLine("Could NOT set password for admin2 on " & _
strComputer)
notChanged.WriteLine(strComputer)
End If
Else
logFile.WriteLine("Could NOT connect to " & strComputer & _
" for admin2")
notChanged.WriteLine(strComputer)
End If
Set objUser = Nothing
End If

Loop

inputFile.Close
logFile.Close
notChanged.Close

Set fso = Nothing
Set inputFile = Nothing
Set logFile = Nothing
Set notChanged = Nothing

WScript.Echo "Script done"
wScript.Quit

'//============================================================================
'// Subroutines.

Function GetPassword(accountName)
Dim newPassword

newPassword = InputBox("What do you want the new password to be for " &_
accountName & "?")
If (len(newPassword) < 8) Then
MsgBox "The password you entered is too short" & vbCrLf & _
"It is only " & len(newPassword) & " and it must be" & _
vbCrLf & "at least 8 characters long."
WScript.Quit
End If
GetPassword = newPassword

End Function

On 6/14/2005 4:07 PM lunarpc wrote:
> Hi All,
> We are running w2k and xp clients on an NT4 domain. I would like to be able
> to run a script that will remotely change the local Administrator account and
> password on the 2k/XP clients. My thought is a script that would read a txt
> file of computer names and provide an error log.
>
> Any help would be appreciated.

--
Sandra L Miller
Windows System Administrator
Department of Computer Science
University of Arizona

"The opinions or statements expressed herein are my own and should not be
taken as a position, opinion, or endorsement of the University of Arizona."
Anonymous
a b 8 Security
June 20, 2005 1:46:01 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hi Sandra,
Thanks for your help. The script worked like a charm!

"Sandra L Miller" wrote:

> I've written such a script. We are running with XP clients on a Windows
> 2003 domain, but I don't think that should be a problem. You will have
> to change admin1 and admin2 to the names of your local administrator
> accounts. If you only have one administrator account on each machine,
> you can simplify the script. By the way, I found lots of sample scripts
> out there from which I built this script; I don't deserve much credit.
>
> Sandy
>
> ==========================================================================
>
> '// ChangeLocalPassword.vbs - script to change the password for local
> '// administrator accounts on each computer in
> '// the AD domain
> '// 05/04 (slm)
> '// 06/04 changed to change 2 accounts in one pass
> '//
> '// Usage: ChangeLocalPassword.vbs
> '//
> '// The script prompts the user for the passwords for the local
> '// administrator accounts. It uses a list of computers named
> '// PC_list.txt that should be in this directory. The logfile includes
> '// a list of computers on which the passwords were changed and those
> '// not changed. The NOTchanged.txt file is a list of machines on
> '// which the passwords were not changed. This can be used to run the
> '// script again and try on just those machines.
>
> Option Explicit
>
> On Error Resume Next
> Err.Clear
>
> '// Set constants.
> Const ForReading = 1
> Const ComputerList = "E:\Scripts\Admin Passwords\PC_list.txt"
>
> '// Define variables.
> Dim fso, inputFile, logFile, notChanged
> Dim accountName, admin1Password, admin2Password
> Dim strComputer, objUser, Changed
>
> '// This script must be run under an administrative account.
> WScript.Echo "STOP!! This script MUST be run as an administrator."
>
> '// Open the computer list file and create the log files.
> Set fso = CreateObject("Scripting.FileSystemObject")
> If (Not fso.FileExists(ComputerList)) Then
> WScript.Echo "Computer list file does not exist."
> WScript.Quit
> End If
> Set inputFile = fso.OpenTextFile(ComputerList, ForReading, False)
> Set logFile = fso.CreateTextFile("changed.log", vbTrue)
> Set notChanged = fso.CreateTextFile("NOTchanged.txt", vbTrue)
>
> '// Prompt the user for the new password for the account.
> admin1Password = GetPassword("admin1")
> admin2Password = GetPassword("admin2")
>
> '// Loop through the list of computers.
> Do While inputFile.AtEndOfStream <> True
>
> strComputer = inputFile.ReadLine
>
> Changed = vbFalse
> On Error Resume Next
> Set objUser = GetObject("WinNT://" & strComputer & "/admin1, user")
> If (Err.Number = 0) Then
> objUser.SetPassword admin1Password
> objUser.SetInfo
> If (Err.Number = 0) Then
> logFile.WriteLine("Password changed for admin1 on " & strComputer)
> Changed = vbTrue
> Else
> logFile.WriteLine("Could NOT set password for admin1 on " & _
> strComputer)
> notChanged.WriteLine(strComputer)
> End If
> Else
> logFile.WriteLine("Could NOT connect to " & strComputer & _
> " for admin1")
> notChanged.WriteLine(strComputer)
> End If
> Set objUser = Nothing
>
> If (Changed) Then ' admin1 successful, change admin2
>
> Changed = vbFalse
> On Error Resume Next
> Set objUser = GetObject("WinNT://" & strComputer & "/admin2, user")
> If (Err.Number = 0) Then
> objUser.SetPassword admin2Password
> objUser.SetInfo
> If (Err.Number = 0) Then
> logFile.WriteLine("Password changed for admin2 on " & _
> strComputer)
> Changed = vbTrue
> Else
> logFile.WriteLine("Could NOT set password for admin2 on " & _
> strComputer)
> notChanged.WriteLine(strComputer)
> End If
> Else
> logFile.WriteLine("Could NOT connect to " & strComputer & _
> " for admin2")
> notChanged.WriteLine(strComputer)
> End If
> Set objUser = Nothing
> End If
>
> Loop
>
> inputFile.Close
> logFile.Close
> notChanged.Close
>
> Set fso = Nothing
> Set inputFile = Nothing
> Set logFile = Nothing
> Set notChanged = Nothing
>
> WScript.Echo "Script done"
> wScript.Quit
>
> '//============================================================================
> '// Subroutines.
>
> Function GetPassword(accountName)
> Dim newPassword
>
> newPassword = InputBox("What do you want the new password to be for " &_
> accountName & "?")
> If (len(newPassword) < 8) Then
> MsgBox "The password you entered is too short" & vbCrLf & _
> "It is only " & len(newPassword) & " and it must be" & _
> vbCrLf & "at least 8 characters long."
> WScript.Quit
> End If
> GetPassword = newPassword
>
> End Function
>
> On 6/14/2005 4:07 PM lunarpc wrote:
> > Hi All,
> > We are running w2k and xp clients on an NT4 domain. I would like to be able
> > to run a script that will remotely change the local Administrator account and
> > password on the 2k/XP clients. My thought is a script that would read a txt
> > file of computer names and provide an error log.
> >
> > Any help would be appreciated.
>
> --
> Sandra L Miller
> Windows System Administrator
> Department of Computer Science
> University of Arizona
>
> "The opinions or statements expressed herein are my own and should not be
> taken as a position, opinion, or endorsement of the University of Arizona."
>
!