Solved

Need script to change Local Admin password on all workstations - Logon Script?

Posted on 2004-08-06
10
3,125 Views
Last Modified: 2008-02-26
I am looking for a script to push out from my Active Directory to all workstations that will change the Local Administrator password on the machines.  I am in the process of locking down about 300 workstations and need to get this changed ASAP since some users are causing havoc.

Anyone know where I could find a tool that would do the trick?  Possibly something I could push out as a logon script?

Thanks!
0
Comment
Question by:jetskimd
10 Comments
 
LVL 9

Expert Comment

by:SamuraiCrow
Comment Utility
Here is some good info on using cusrmgr.exe to accomplish this task

http://www.winnetmag.com/Windows/Article/ArticleID/24210/24210.html
0
 
LVL 2

Expert Comment

by:PKundtz
Comment Utility
Here's a one-liner batch script you can set as a start-up script in the Machine policy:

net user administrator password

I rename my local administrator accounts as an extra security measure.  Here's another script to use if you want to use another admin account:

net user admin2 password
if %ERRORLEVEL% == 2 goto CREATE
goto end

:CREATE
net user admin2 /add password
net localgroup administrators /add admin2
goto END

:END
exit
0
 
LVL 82

Expert Comment

by:oBdA
Comment Utility
Do you have the W2k Resource Kit (namely local.exe, getsid.exe, and cusrmgr.exe; note that cusrmgr.exe is not part of the free downloadable W2k3 ResKit)? I have a script here that remotely renames on a list machines the built-in account (even if renamed to an unknown name), changes the password, and lists other users with administrative permissions; this requires the tools above, though.
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 125 total points
Comment Utility
Change All Local Admin Passwords


Change Local Administrator Password Remotely
 

Download the utility 'cryptpwd' from :
http://www.jsiinc.com/dl/cryptpwd.zip

Now just create a text file containing all your server names
(e.g. serverlist.txt) and then create a batch file with the following line :

FOR /F %%x in (serverlist.txt) do cryptpwd -m \\%%x -P newpassword

(where newpassword is the password you want to set as the
local administrator password on the servers.)

(You obviously need to have admin. rights to the servers in order
to change the password.)

This method changes the password immediately.


From http://infocenter.cramsession.com/TechLibrary/GetHtml.asp?ID=1373&CatID=267

For a VB Solution see http://www.experts-exchange.com/Security/Win_Security/Q_20946526.html
http://www.microsoft.com/technet/community/scriptcenter/user/scrug74.mspx
0
 
LVL 57

Expert Comment

by:Pete Long
Comment Utility
ThanQ
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Expert Comment

by:chrisjasper
Comment Utility
Another solution is to download the freeware Quest central from quest.com, under the AD portion of the mamnagement tools you can select computers and invoke the Change Local Administrator password wizard.
0
 

Expert Comment

by:sanchito_75
Comment Utility
If you want to make it even go to this url:
http://www.systemtools.com/hyena/download_frame.htm

Download and install HYENA network tools. This is what I use to change hundred of workstations local password in minutes. No scripts just an easy to use GUI. If you like it and need a quick how to I will help you. Good luck
0
 

Expert Comment

by:sanchito_75
Comment Utility
ooops... Sorrry I meant make it easier go to this url... I am an newbie as you can tell.
0
 

Expert Comment

by:jrod7290
Comment Utility
Sanchito,
How would you use to Hyena to change the passwords on muliple workstations?
0
 

Expert Comment

by:sanchito_75
Comment Utility
open up Hyena-->Open up enterprise---> Right click all computers--->Click view all computers--> On the left side select the computer types and choose windows nt and windows 95. On the rights side where is says function  choose workstation and click ok.

Hyena will then enumerate a list of all workstations in your AD/NT domain. Once the list is completed all the computers(workstations) will appear on the right side. Select all computers using CTRL A and then right click on any one of the computers.

Select more functions and choose set account password and choose the password you want. This will change the password for all workstations.
GOOD LUCK!
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now