Solved

Changing a password for a local user account remotely through script

Posted on 2006-11-30
8
251 Views
Last Modified: 2013-12-23
Hi guys!
Hope you can help out.

We have an NT domain.

We have a local user account, let's say its called "hjbox" on all our NT machines.
Often, people change the password, that then later we have to remote in and change it back to the right password for the day.

What Id like to do is the following:

Let's say we have discovered on our network that 50 NT machines need to have the password changed to a common password...lets say password should be "abcd1234".

Is there any way to script this out, so that when the script runs, it changes the password for the local account "hjbox" on all these 50 workstations?
I really dont want to push out a scheduled task to do this, but would rather get immediate feedback through a logfile of all that have been successfully changed.

Any help greatly appreciated.

Simon
0
Comment
Question by:Simon336697
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18043972

Hi Simon,

Yep, that's certainly possible.

It would need running as someone with administrative access on all machines - but that can't be unexpected.

How did you want to define which machines it runs for? Text File? Or just for everything listed in, er, Server manager (? I forget, long long time since I've used WinNT admin tools).

Anyway, this is what we run (it's VbScript - .vbs) to change the password itself:

Set objUser = GetObject("WinNT://" & strComputerName & "/hjbox, user")
objUser.SetPassword "abcd1234"
Set objUser = Nothing

Nice and easy, all we need to do is tell it what strComputerName is, then loop through all the computers you want to change.

HTH

Chris
0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044009
Hi Chris!

Thank you so much mate..So quick...I dont know how you guys do it.

Chris,
We do have a mixture of NT domains and 2003 AD domain, purely because we support different companies, and these different companies are members of different domains.

So, what I would need to do is:

Gather a list of NT machines that have had the password for hjbox not set to the correct password eg.lets say it should be abcd1234 (I dont know how we would do this).
Then as you say to define probably through a text file listing all those machines the vbs script is to parse.

If possible, could you please help me in how your script would use a text file/point to the text file and run the script for every computer name in the text file?

Is there any way to get instant feedback of success/failure of the script for each computer it is run against eg.log file with computer name and success/failure.

Thanks so much Chris.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 18044084

Hey,

Identifying the computers in the first place would be tricky - normally the simpler approach is to just reset the password for all machines that should have it - it saves a step and doesn't really things too tricky.

If we assume we've managed to identify where changes are necessary and we have a list of computers that looks like this:

BobsComputer
JaneWinXP
ITTest

etc, etc.

We'll call that "computers.txt" for now (and that's in the same directory as the script), then we can do this:


Option Explicit

Dim objFileSystem, objFile, objStream, objUser
Dim strComputer

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.GetFile("computers.txt")
Set objStream = objFile.OpenAsTextStream(1, 0)

' This goes through the text file a line at a time.

Do While Not objStream.AtEndOfStream
      strComputer = objStream.ReadLine

      ' We don't want to change anything that doesn't really have a name listed (protects against blank lines)

      If Len(strComputer) > 0 Then
            ' Turn on Error Handling here
            On Error Resume Next : Err.Clear
            Set objUser = GetObject("WinNT://" & strComputer & "/hjbox, user")

            If Err.Number <> 0 Then
                  WScript.Echo "Failed to attach to User on " & strComputer & ": " & Err.Description
            Else
                  Err.Clear
                  objUser.SetPassword "abcd1234"
                  If Err.Number <> 0 Then
                        WScript.Echo "Failed to set Password on " & strComputer & ": " & Err.Description
                  End If
            End If
            Set objUser = Nothing

            On Error Goto 0
      End If
Loop

Set objStream = Nothing
Set objFile = Nothing
Set objFileSystem = Nothing


Of course there are other ways to figure out the list of PCs. For WinNT it's not as easy, everything is stored in a very flat structure and it's not easy to eliminate those we don't want to change programatically. However, in AD we have a great deal of flexibility and we can change for a single OU, all OUs except one, a selection of OUs, etc etc etc. I can cover that as well if it's of interest.

Chris
0
Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.

 
LVL 1

Author Comment

by:Simon336697
ID: 18044102
Chris!

What can I say?

A huge huge thankyou to your expertise from a simple aussie down under.
I hope this gets you your 1000th question answered mate.

Thank you so much again.

I will test this out now at work, but wont hassle you again.

Thanks again Chris.

Simon
0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044115
Chris sorry!

Does the above script youve created pump the results out to a text file?
Ideally this would be great.
Only (and only if youve got the time/inclination), a version of this for AD would be fantastic, but as I said, I dont expect anything more.
Youve been great!

Simon
0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044126
Chris!

BTW I did post another question about this issue on here.
It asks about polling all NT boxes to see when the perl script (run.pl) was last run.
This is the script that changes the daily password on these machines.
If I can determine what boxes the script has failed to run on, then I could hone in on the computers that probably require their passwords changed as the passwords on these computers would be wrong.

Simon
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18044217

Hey Simon,

Sorry, I meant to post a comment saying that it wasn't ideal with reporting to the screen and that it could be logged to a text file but I ran into a bit of stuff to sort out here.

Anyway, this modification will write any errors (and successes) to a log file.


Option Explicit

Dim objFileSystem, objFile, objStream, objLogFile, objUser
Dim strComputer

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
Set objFile = objFileSystem.GetFile("computers.txt")
Set objStream = objFile.OpenAsTextStream(1, 0)

Set objLogFile = objFileSystem.OpenTextFile("PasswordChange.log", 2, True, 0)
 
' This goes through the text file a line at a time.

Do While Not objStream.AtEndOfStream
     strComputer = objStream.ReadLine

     ' We don't want to change anything that doesn't really have a name listed (protects against blank lines)

     If Len(strComputer) > 0 Then
          ' Turn on Error Handling here
          On Error Resume Next : Err.Clear
          Set objUser = GetObject("WinNT://" & strComputer & "/hjbox, user")

          If Err.Number <> 0 Then
               objLogFile.WriteLine strComputer & ": Failed to attach to User: " & Err.Description
          Else
               Err.Clear
               objUser.SetPassword "abcd1234"
               If Err.Number <> 0 Then
                    objLogFile.WriteLine strComputer & ": Failed to set Password: " & Err.Description
              Else
                    objLogFile.WriteLine strComputer & ": Password Reset Successfully"
              End If
          End If
          Set objUser = Nothing

          On Error Goto 0
     End If
Loop

Set objStream = Nothing
Set objFile = Nothing
Set objFileSystem = Nothing


0
 
LVL 1

Author Comment

by:Simon336697
ID: 18044325
Youre a gun thank you Chris!

Simon
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question