Solved

Script for finding blank local admin passwords

Posted on 2007-11-25
7
495 Views
Last Modified: 2013-12-04
Guys...I need to investigate the workstations (Windows 2000/XP) which have been doled out to the users without assigning a passsword to Local administrator account.

Bereft of SMS or any such tool, I guess it's not going to be an easy job.

Anyone, got any script to run for such an invetigative procedure throughout my LAN?
0
Comment
Question by:Petrofac_ITlogmein
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345806
If those machines are member of an Active Directory Domain then you can scan them with MBSA (Microsoft Baseline Security Analyzer). MBSA does not flag empty passwords on empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

J.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345812
Oops, serious type. The second sentence should have read:
MBSA does not flag empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.


J.
0
 

Author Comment

by:Petrofac_ITlogmein
ID: 20346077
Thanks PowerIT, this is nice! Yes..the machines are part of an AD domain.
Related...can I also assign a password to local admin account, if found empty, using some utility or I'll have to visit the PCs physical location?
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 250 total points
ID: 20346221
0
 
LVL 11

Assisted Solution

by:bsharath
bsharath earned 250 total points
ID: 20347968
Ok here are some methods to chage the local admin password...
Use this as the login script.This even delivers reports on whose machines passwords have been changed.

@ECHO OFF
ECHO %COMPUTERNAME% >>\\Machinename\Foldername\PwdChangeStatus.txt
NET USER Administrator Newpasswordhere >>\\Machinename\Foldername\PwdChangeStatus.txt
ECHO. >>\\indiasophos\ps\PwdChangeStatus.txt
EXIT /B /0
Use this software to change the passwords of all machines in the Domain or in the file.
Download DC-PasswordChanger (DCPC)
http://www.danish-company.com/dcpc

Note **** Make sure not to select all machines in the Domain as this includes changing the Dc's Domain controllers passwords also then you may be having issues with the Domain\administrator logins.

Hope this helps.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question