Change hostname (computer name) for > 100 NT 4 workstations

How can I change the hostname (computer name) for >100 NT 4 workstations, where the user is not an administrator? I do not want to travel to each of them.

My idea is something along these lines in the login script:
1. Add user to local administrator group (this one has to be done by an administrator; could I use SU.EXE, and what are the command lines for this?)
2. Add computer name to Server Manager at the server (almost done, but need some help)
3. Change user computer name at the workstation via a ScriptIt script (I have done this one)
4. Remove user from local administrator group (I have done this one too)

-Dennis Siggaard (ICQ 41577345)

Tim Holman Commented:
Don't ever add a user to ANY administrator group!
You could get into all sorts of predicaments!

Something like SMS / WinInstall would do this for you.

You need to change the registry key:
(Hostname is the same thing as computername under NT)
I suppose you could use a remote shell as the command needs to be run locally.
(i.e. regedit /s hostname.reg, where the .reg file contains this registry key and appropriate hostname).

Then change it via srvmgr to update the SAM.

I'll just second tim_holman's warning NOT to add the users to your administrative group. If security is an issue (and it must be since you have the workstations locked down) you are playing with dynamite.

The problem is that NT goes out of its way to prevent users from gaining access to privileges they are not authorized for.  There is a way, however, that involves a program that calls LogonUser and then CreateProcessAsUser to run the application in the context of a privileged account.  Two security issues with this approach:

1) You must have an account name and password embedded in the application.  The danger here can be minimized by creating an authorized administrative account that is enabled only for a specific time interval while you are deploying the script.  After that time, you disable it.

2) The user accounts must have SE_TCB_NAME (Act as part of the operating system) privilege.  While this one can be used for exploits, it's far less dangerous than the entire administrator set of privs.

A year ago or so I developed an application that did the above for a client who had to change some of the network properties for 140,000 workstations.  Most (about 120,000) were Win95 boxes which present no security problems at all.  The last 20,000 were NT.  The above technique worked and solved the problem.  The "window of vulnerability" if you want was only a few days and the administrator at the site closed off SE_TCB_NAME privs for each user as their computer logged on to the network and was forced to run the app via the logon script.
Dennis_Siggaard (Author) Commented:
Here is my idea:

First you should know that I have developed two programs: one which runs at the server and listens for a client to tell it what to do, and one which calls the server program with some parameters.

Example: client \\servername create_hostname_in_server_manager.bat %USERNAME%321

I have then created a create_hostname_in_server_manager.bat at the server, which will be run at the server. The bat file contains the following:
net computer \\%1 /add

net localgroup administrators
   // this tells me who is local admin
   // here I can read if the user is local
   // admin
if not, give him local admin rights
client \\server add_user_to_local_admin.bat %COMPUTERNAME% %USERNAME%
goto END

if local admin rights
call the ScriptIt script which changes the computer name
net localgroup Administrators %USERDOMAIN%\%USERNAME% /DELETE
  // removes the user from local admin

add_user_to_local_admin.bat contains:
soon \\%1 500 cmd /c "net localgroup Administrators DOMAIN\%2 /ADD"
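The script above reads `net localgroup administrators` to decide whether the user is a local admin, and step 4 depends on the `/DELETE` actually running on every workstation. The following is an added example, not part of the original thread: it parses collected `net localgroup Administrators` output per workstation and reports any member left outside an allowlist, treating output it cannot parse as unverified rather than clean. Host names, account names and the allowlist are constructed assumptions.

```python
import re

# Constructed sample input: `net localgroup Administrators` output gathered
# from three workstations after the rename script ran (all names are made up).
HEADER = ("Alias name     Administrators\n"
          "Comment        Members can fully administer the computer/domain\n\n"
          "Members\n\n" + "-" * 79 + "\n")
FOOTER = "The command completed successfully.\n"
SAMPLE = {
    "WS-0101": HEADER + "Administrator\nCORP\\Domain Admins\n" + FOOTER,
    "WS-0102": HEADER + "Administrator\nCORP\\Domain Admins\nCORP\\jdoe\n" + FOOTER,
    "WS-0103": "System error 5 has occurred.\n\nAccess is denied.\n",
}
# Assumption: the only principals that should remain once step 4 has run.
ALLOWED = {"administrator", "corp\\domain admins"}


def parse_members(output):
    """Return the member list, or None when the output has no member table."""
    lines = [line.strip() for line in output.splitlines()]
    try:
        start = next(i for i, l in enumerate(lines) if re.fullmatch(r"-{10,}", l))
    except StopIteration:
        return None  # command failed or output was truncated
    members = []
    for line in lines[start + 1:]:
        if line.lower().startswith("the command completed"):
            break
        if line:
            members.append(line)
    return members


def audit(outputs, allowed=ALLOWED):
    """Map host -> unexpected members; None marks a host that needs a re-check."""
    report = {}
    for host, text in outputs.items():
        members = parse_members(text)
        if members is None:
            report[host] = None
            continue
        extra = [m for m in members if m.lower() not in allowed]
        if extra:
            report[host] = extra
    return report


if __name__ == "__main__":
    for host, extra in audit(SAMPLE).items():
        print(host, "UNVERIFIED" if extra is None else "leftover: " + ", ".join(extra))
```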


Read the file called su.txt to get all the command switches.

Run an su while running the command remote /c and remote /s (client server).

Create an app in VB or C++ that will make the changes in the registry.

Of course you will need to have someone at the other end to run the "remote /s \\Server yourid" command.

You then close su and then close the remote shell instance.

I believe that this should be fairly painless.

Hope this helps.

