Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Changing a password for a local user account remotely through script

Posted on 2006-11-30
8
Medium Priority
?
255 Views
Last Modified: 2013-12-23
Hi guys!
Hope you can help out.

We have an NT domain.

We have a local user account, let's say its called "hjbox" on all our NT machines.
Often, people change the password, that then later we have to remote in and change it back to the right password for the day.

What Id like to do is the following:

Let's say we have discovered on our network that 50 NT machines need to have the password changed to a common password...lets say password should be "abcd1234".

Is there any way to script this out, so that when the script runs, it changes the password for the local account "hjbox" on all these 50 workstations?
I really dont want to push out a scheduled task to do this, but would rather get immediate feedback through a logfile of all that have been successfully changed.

Any help greatly appreciated.

Simon
0
Comment
Question by:Simon336697
  • 5
  • 3
8 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18043972

Hi Simon,

Yep, that's certainly possible.

It would need running as someone with administrative access on all machines - but that can't be unexpected.

How did you want to define which machines it runs for? Text File? Or just for everything listed in, er, Server manager (? I forget, long long time since I've used WinNT admin tools).

Anyway, this is what we run (it's VbScript - .vbs) to change the password itself:

Set objUser = GetObject("WinNT://" & strComputerName & "/hjbox, user")
objUser.SetPassword "abcd1234"
Set objUser = Nothing

Nice and easy, all we need to do is tell it what strComputerName is, then loop through all the computers you want to change.

HTH

Chris
0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044009
Hi Chris!

Thank you so much mate..So quick...I dont know how you guys do it.

Chris,
We do have a mixture of NT domains and 2003 AD domain, purely because we support different companies, and these different companies are members of different domains.

So, what I would need to do is:

Gather a list of NT machines that have had the password for hjbox not set to the correct password eg.lets say it should be abcd1234 (I dont know how we would do this).
Then as you say to define probably through a text file listing all those machines the vbs script is to parse.

If possible, could you please help me in how your script would use a text file/point to the text file and run the script for every computer name in the text file?

Is there any way to get instant feedback of success/failure of the script for each computer it is run against eg.log file with computer name and success/failure.

Thanks so much Chris.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 18044084

Hey,

Identifying the computers in the first place would be tricky - normally the simpler approach is to just reset the password for all machines that should have it - it saves a step and doesn't really things too tricky.

If we assume we've managed to identify where changes are necessary and we have a list of computers that looks like this:

BobsComputer
JaneWinXP
ITTest

etc, etc.

We'll call that "computers.txt" for now (and that's in the same directory as the script), then we can do this:


Option Explicit

Dim objFileSystem, objFile, objStream, objUser
Dim strComputer

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.GetFile("computers.txt")
Set objStream = objFile.OpenAsTextStream(1, 0)

' This goes through the text file a line at a time.

Do While Not objStream.AtEndOfStream
      strComputer = objStream.ReadLine

      ' We don't want to change anything that doesn't really have a name listed (protects against blank lines)

      If Len(strComputer) > 0 Then
            ' Turn on Error Handling here
            On Error Resume Next : Err.Clear
            Set objUser = GetObject("WinNT://" & strComputer & "/hjbox, user")

            If Err.Number <> 0 Then
                  WScript.Echo "Failed to attach to User on " & strComputer & ": " & Err.Description
            Else
                  Err.Clear
                  objUser.SetPassword "abcd1234"
                  If Err.Number <> 0 Then
                        WScript.Echo "Failed to set Password on " & strComputer & ": " & Err.Description
                  End If
            End If
            Set objUser = Nothing

            On Error Goto 0
      End If
Loop

Set objStream = Nothing
Set objFile = Nothing
Set objFileSystem = Nothing


Of course there are other ways to figure out the list of PCs. For WinNT it's not as easy, everything is stored in a very flat structure and it's not easy to eliminate those we don't want to change programatically. However, in AD we have a great deal of flexibility and we can change for a single OU, all OUs except one, a selection of OUs, etc etc etc. I can cover that as well if it's of interest.

Chris
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 
LVL 1

Author Comment

by:Simon336697
ID: 18044102
Chris!

What can I say?

A huge huge thankyou to your expertise from a simple aussie down under.
I hope this gets you your 1000th question answered mate.

Thank you so much again.

I will test this out now at work, but wont hassle you again.

Thanks again Chris.

Simon
0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044115
Chris sorry!

Does the above script youve created pump the results out to a text file?
Ideally this would be great.
Only (and only if youve got the time/inclination), a version of this for AD would be fantastic, but as I said, I dont expect anything more.
Youve been great!

Simon
0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044126
Chris!

BTW I did post another question about this issue on here.
It asks about polling all NT boxes to see when the perl script (run.pl) was last run.
This is the script that changes the daily password on these machines.
If I can determine what boxes the script has failed to run on, then I could hone in on the computers that probably require their passwords changed as the passwords on these computers would be wrong.

Simon
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18044217

Hey Simon,

Sorry, I meant to post a comment saying that it wasn't ideal with reporting to the screen and that it could be logged to a text file but I ran into a bit of stuff to sort out here.

Anyway, this modification will write any errors (and successes) to a log file.


Option Explicit

Dim objFileSystem, objFile, objStream, objLogFile, objUser
Dim strComputer

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.GetFile("computers.txt")
Set objStream = objFile.OpenAsTextStream(1, 0)

Set objLogFile = objFileSystem.OpenTextFile("PasswordChange.log", 2, True, 0)
 
' This goes through the text file a line at a time.

Do While Not objStream.AtEndOfStream
     strComputer = objStream.ReadLine

     ' We don't want to change anything that doesn't really have a name listed (protects against blank lines)

     If Len(strComputer) > 0 Then
          ' Turn on Error Handling here
          On Error Resume Next : Err.Clear
          Set objUser = GetObject("WinNT://" & strComputer & "/hjbox, user")

          If Err.Number <> 0 Then
               objLogFile.WriteLine strComputer & ": Failed to attach to User: " & Err.Description
          Else
               Err.Clear
               objUser.SetPassword "abcd1234"
               If Err.Number <> 0 Then
                    objLogFile.WriteLine strComputer & ": Failed to set Password: " & Err.Description
              Else
                    objLogFile.WriteLine strComputer & ": Password Reset Successfully"
              End If
          End If
          Set objUser = Nothing

          On Error Goto 0
     End If
Loop

Set objStream = Nothing
Set objFile = Nothing
Set objFileSystem = Nothing


0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044325
Youre a gun thank you Chris!

Simon
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question