Solved

Script for finding blank local admin passwords

Posted on 2007-11-25
7
491 Views
Last Modified: 2013-12-04
Guys...I need to investigate the workstations (Windows 2000/XP) which have been doled out to the users without assigning a passsword to Local administrator account.

Bereft of SMS or any such tool, I guess it's not going to be an easy job.

Anyone, got any script to run for such an invetigative procedure throughout my LAN?
0
Comment
Question by:Petrofac_ITlogmein
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345806
If those machines are member of an Active Directory Domain then you can scan them with MBSA (Microsoft Baseline Security Analyzer). MBSA does not flag empty passwords on empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

J.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345812
Oops, serious type. The second sentence should have read:
MBSA does not flag empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.


J.
0
 

Author Comment

by:Petrofac_ITlogmein
ID: 20346077
Thanks PowerIT, this is nice! Yes..the machines are part of an AD domain.
Related...can I also assign a password to local admin account, if found empty, using some utility or I'll have to visit the PCs physical location?
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 250 total points
ID: 20346221
0
 
LVL 11

Assisted Solution

by:bsharath
bsharath earned 250 total points
ID: 20347968
Ok here are some methods to chage the local admin password...
Use this as the login script.This even delivers reports on whose machines passwords have been changed.

@ECHO OFF
ECHO %COMPUTERNAME% >>\\Machinename\Foldername\PwdChangeStatus.txt
NET USER Administrator Newpasswordhere >>\\Machinename\Foldername\PwdChangeStatus.txt
ECHO. >>\\indiasophos\ps\PwdChangeStatus.txt
EXIT /B /0
Use this software to change the passwords of all machines in the Domain or in the file.
Download DC-PasswordChanger (DCPC)
http://www.danish-company.com/dcpc

Note **** Make sure not to select all machines in the Domain as this includes changing the Dc's Domain controllers passwords also then you may be having issues with the Domain\administrator logins.

Hope this helps.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you see single cell contains number and text, and you have to get any date out of it seems like cracking our heads.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question