Solved

changing local machine admin passwords via server

Posted on 2003-10-24
6
559 Views
Last Modified: 2012-05-04
Not sure if this is possible or not, but thought I'd ask anyhow.  I'm interested in knowing if you can change local admin passwords for workstations over the network.  It's that time again where all admin passwords need to be reset, but in the past we've always visited every local machine which is quite tedious.  All of the workstations are Win2000 or WinXP and are part of the domain.  Thanks.
0
Comment
Question by:mgrass
  • 3
  • 2
6 Comments
 

Expert Comment

by:solver7
Comment Utility
If you want to do it manually for a few machines,
open the computer management console,
under "actions" select "connect to another computer"
add the computer name then just go under
system tools
local users and computers.

  It's a simple way but not practifcal for a large user base.

0
 
LVL 1

Author Comment

by:mgrass
Comment Utility
Yeah, doing it manual is tried and true, but I have upwards of 550 machines all-in-all that require the change.
0
 
LVL 82

Accepted Solution

by:
oBdA earned 250 total points
Comment Utility
This script was intended to rename the built-in administrator account and password, even if that name had been changed before to unknown value, and to produce a logfile. It should fit your needs, too; just set the "new" name of the administrator account to "Administrator" if you don't want to change the account name.
This should work on any NT4, W2k and XP.
The script creates a ";" separated logfile, and the administrator (and SID) list field it creates in the logfile is "," separated. "Other Admins" are members of the local Administrators group that are not local accounts. "RC Rename" "and RC Password" are the Return Codes of the renaming / password changing command.
As mentioned in the remarks, you need some tools from the Resource Kit.
At the moment, it's in test mode, so you should be able to run it without endangering your net (read the remarks on how to "arm" the script).
Feed it either a single machine name as parameter ("renbiadmin SomeMachine"), or, for a bunch of machines, a "/L" as first parameter and a list with computer names to be processed as second parameter ("renbiadmin /L SomeDrive:\SomePath\SomeListFile"). Start it without parameter, and it will give you a short help.
It will give you a list with failed machines as well, so that you can run only the failed machines again without having too much trouble ...

As usual: No warranties included, test it before you apply it in earnest, use this at your own risk.

====8<----[renbiadmin.cmd]----
@echo off
setlocal
:: *** renbiadmin.cmd
:: *** Renames the built in administrator account of the specified machine and changes the password
:: *** Necessary external tools (from the W2k Resource Kit): local.exe, getsid.exe, cusrmgr.exe.
:: *** New name of the builtin administrator account:
set NewAdmin=LocalAdmin
:: *** New password of the builtin administrator account:
set NewPassword=Secret
:: *** "set Test=echo" (without quotation marks) for testing purposes,
:: *** "set Test=" (without quotation marks) to get serious
:: *** in test mode, it will do everything as usual, but it will neither
:: *** rename the account nor change the password.
set Test=echo
:: *** Localization; the name of the Local Administrators Group:
set AdminGroup=Administrators
:: *** List the Administrator's SID (TRUE to enable, empty or FALSE to disable):
set EnableSID=TRUE
:: *** (path and) name of the log file:
set LogFile=%~n0.log
:: *** (path and) name of the file with failed machine names:
set FailedFile=%~n0.txt

:: *** Only change the following variables if you know what you're doing ***
:: *** Builtin System Administrator RID (Default: 500):
set BIAdminRID=500
:: *** Admin share (used to verify credentials):
set AdminShare=C$

if %1.==. goto Syntax
if exist "%FailedFile%" del "%FailedFile%"
(echo Machine Name;Local Admins;Builtin Admin;Other Admins;Return Code "Rename";Return Code "New Password")>"%LogFile%"
echo ======================================================================
if /i not %1.==/L. goto process
if %2.==. goto Syntax
set ListFile=%2
if not exist %ListFile% (
  echo Error: The list file does not exist.
  goto leave
)
for /f %%a in ('type %ListFile%') do call :process %%a
goto leave

:process
set Machine=%1
set BuiltinAdmin=
set LocalAdmins=
set OtherAdmins=
set Failed=
:: *** check if remote machine is alive:
ping -n 1 %Machine% | find "TTL" >NUL
if errorlevel 1 (
  set Machine=%Machine% [failed: not responding]
  set BuiltinAdmin=[skipped]
  set LocalAdmins=,[skipped]
  set OtherAdmins=,[skipped]
  set RCRename=[skipped]
  set RCNewPass=[skipped]
  set Failed=%Machine%
  goto log
)
:: *** check for administrative privileges on the remote machine:
net use \\%Machine%\%AdminShare% 1>NUL 2>NUL
if errorlevel 1 (
  set Machine=%Machine% [failed: access denied]
  set BuiltinAdmin=[skipped]
  set LocalAdmins=,[skipped]
  set OtherAdmins=,[skipped]
  set RCRename=[skipped]
  set RCNewPass=[skipped]
  set Failed=%Machine%
  goto log
)
net use \\%Machine%\%AdminShare% /delete 1>NUL 2>NUL

:: *** Check for the local built in administrator account:
:CheckAdmins
for /f "tokens=1* delims=\" %%a in ('local %AdminGroup% \\%Machine%') do (
  set CheckDomain=%%a
  set CheckAdmin=%%b
  call :FindBuiltIn
)

:: *** Check if the builtin account was found:
if "%BuiltinAdmin%"=="" (
  set BuiltinAdmin=[Undetermined]
  set RCRename=[skipped]
  set RCNewPass=[skipped]
  set Failed=%Machine%
  goto log
)

:: *** Check if the builtin account already has the correct name:
if /i "%BuiltinAdmin%"=="%NewAdmin%" (
  set RCRename=[skipped: name ok]
  goto ChangePass
)
:: *** Rename the builtin account and save the return code:
set RCRename=
for /f "tokens=2 delims=:" %%a in ('%Test% cusrmgr -u %BuiltinAdmin% -m \\%Machine% -r %NewAdmin% ^| find /i "ERROR"') do set RCRename=%%a
if "%RCRename%"=="" set RCRename=0

:ChangePass
:: *** Check if renaming was successful:
if %RCRename% GTR 0 (
  set RCNewPass=[skipped: couldn't rename]
  set Failed=%Machine%
  goto log
)
:: *** Change the password and save the return code:
set RCNewPass=
for /f "tokens=2 delims=:" %%a in ('%Test% cusrmgr -u %NewAdmin% -m \\%Machine% -P %NewPassword% ^| find /i "ERROR"') do set RCNewPass=%%a
if "%RCNewPass%"=="" set RCNewPass=0
if %RCNewPass% GTR 0 set failed=%Machine%
goto log

:: **********************************************************************
:: *** Subroutines:
:FindBuiltIn
:: *** Check if the account to be tested is a local one; if not, save it and return:
if /i not "%CheckDomain%"=="%Machine%" (
  set OtherAdmins=%OtherAdmins%,%CheckDomain%\%CheckAdmin%
  goto :eof
)

:: *** Get the administrator's SID of the remote machine:
for /f "tokens=7 skip=2" %%a in ('getsid \\%Machine% %CheckAdmin% \\%Machine% %CheckAdmin%') do set SID=%%a
set TempSID=%SID%
:GetRID
:: *** Get the Relative Identifier:
for /f "tokens=1* delims=-" %%a in ("%TempSID%") do (
  set RID=%%a
  set TempSID=%%b
)
if not "%TempSID%"=="" goto GetRID
set LocalAdmins=%LocalAdmins%,%CheckAdmin%
if /i "%EnableSID%"=="TRUE" set LocalAdmins=%LocalAdmins% {%SID%}
if %RID%==%BIAdminRID% set BuiltinAdmin=%CheckAdmin%
goto :eof

:Syntax
echo.
echo renbiadmin.cmd
echo.
echo Renames the built-in administrator account of a given machine, independently
echo of the current name of the account. Creates a ";"-separated logfile and a list
echo of machines where renaming or password change wasn't sucessful.
echo If run in test mode, no renaming/password change is done.
set TM=ON&if .%Test%.==.. set TM=OFF
echo New Admin:     %NewAdmin%
echo Logfile:       %LogFile%
echo "Failed" list: %FailedFile%
echo Test mode:     %TM%
echo.
echo Syntax:
echo renbiadmin { ^<machine^> ^| /L ^<list^> }
echo ^<machine^>: Renames the administrator account of machine.
echo /L:        Renames the administrator account of all machines in ^<list^>
echo            (one name per line).
goto leave
:: **********************************************************************

:log
set LocalAdmins=%LocalAdmins:~1%
if "%OtherAdmins%"=="" set OtherAdmins=,[None]
set OtherAdmins=%OtherAdmins:~1%
(echo %Machine%;%LocalAdmins%;%BuiltinAdmin%;%OtherAdmins%;%RCRename%;%RCNewPass%)>>"%LogFile%"
if not "%Failed%"=="" (echo %Failed%)>>"%FailedFile%"
echo Machine:       %Machine%
echo Local Admins:  %LocalAdmins%
echo Builtin Admin: %BuiltinAdmin%
echo Other Admins:  %OtherAdmins%
echo RC Rename:     %RCRename%
echo RC Password:   %RCNewPass%
echo ======================================================================

:leave

====8<----[renbiadmin.cmd]----
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 1

Author Comment

by:mgrass
Comment Utility
Okay, looks a bit complex.  Is there a deployment instruction manual to go along with this?  
0
 
LVL 82

Expert Comment

by:oBdA
Comment Utility
No need to deploy anything; just save it on the workstation or server you're using for your administrative work. All it needs are three tools from the Resource Kit in the path. Most of the script is "just" error handling and logging, but when you're handling 500 machines, you'll want those ...
It's in test mode, so just call it with a remote machine as argument to see what it's doing.
0
 
LVL 1

Author Comment

by:mgrass
Comment Utility
Thanks for the assist.  
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this article, I will show you HOW TO: Create your first Windows Virtual Machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, the Windows OS we will install is Windows Server 2016.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now