Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Script for finding blank local admin passwords

Posted on 2007-11-25
7
Medium Priority
?
512 Views
Last Modified: 2013-12-04
Guys...I need to investigate the workstations (Windows 2000/XP) which have been doled out to the users without assigning a passsword to Local administrator account.

Bereft of SMS or any such tool, I guess it's not going to be an easy job.

Anyone, got any script to run for such an invetigative procedure throughout my LAN?
0
Comment
Question by:Petrofac_ITlogmein
  • 3
5 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345806
If those machines are member of an Active Directory Domain then you can scan them with MBSA (Microsoft Baseline Security Analyzer). MBSA does not flag empty passwords on empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

J.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345812
Oops, serious type. The second sentence should have read:
MBSA does not flag empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.


J.
0
 

Author Comment

by:Petrofac_ITlogmein
ID: 20346077
Thanks PowerIT, this is nice! Yes..the machines are part of an AD domain.
Related...can I also assign a password to local admin account, if found empty, using some utility or I'll have to visit the PCs physical location?
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 1000 total points
ID: 20346221
0
 
LVL 11

Assisted Solution

by:bsharath
bsharath earned 1000 total points
ID: 20347968
Ok here are some methods to chage the local admin password...
Use this as the login script.This even delivers reports on whose machines passwords have been changed.

@ECHO OFF
ECHO %COMPUTERNAME% >>\\Machinename\Foldername\PwdChangeStatus.txt
NET USER Administrator Newpasswordhere >>\\Machinename\Foldername\PwdChangeStatus.txt
ECHO. >>\\indiasophos\ps\PwdChangeStatus.txt
EXIT /B /0
Use this software to change the passwords of all machines in the Domain or in the file.
Download DC-PasswordChanger (DCPC)
http://www.danish-company.com/dcpc

Note **** Make sure not to select all machines in the Domain as this includes changing the Dc's Domain controllers passwords also then you may be having issues with the Domain\administrator logins.

Hope this helps.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question