?
Solved

Script for finding blank local admin passwords

Posted on 2007-11-25
7
Medium Priority
?
500 Views
Last Modified: 2013-12-04
Guys...I need to investigate the workstations (Windows 2000/XP) which have been doled out to the users without assigning a passsword to Local administrator account.

Bereft of SMS or any such tool, I guess it's not going to be an easy job.

Anyone, got any script to run for such an invetigative procedure throughout my LAN?
0
Comment
Question by:Petrofac_ITlogmein
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345806
If those machines are member of an Active Directory Domain then you can scan them with MBSA (Microsoft Baseline Security Analyzer). MBSA does not flag empty passwords on empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.

http://www.microsoft.com/technet/security/tools/mbsa2/default.mspx

J.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20345812
Oops, serious type. The second sentence should have read:
MBSA does not flag empty local passwords when the machines are in a workgroup, so hopefully you are in a domain.


J.
0
 

Author Comment

by:Petrofac_ITlogmein
ID: 20346077
Thanks PowerIT, this is nice! Yes..the machines are part of an AD domain.
Related...can I also assign a password to local admin account, if found empty, using some utility or I'll have to visit the PCs physical location?
0
 
LVL 18

Accepted Solution

by:
PowerIT earned 1000 total points
ID: 20346221
0
 
LVL 11

Assisted Solution

by:bsharath
bsharath earned 1000 total points
ID: 20347968
Ok here are some methods to chage the local admin password...
Use this as the login script.This even delivers reports on whose machines passwords have been changed.

@ECHO OFF
ECHO %COMPUTERNAME% >>\\Machinename\Foldername\PwdChangeStatus.txt
NET USER Administrator Newpasswordhere >>\\Machinename\Foldername\PwdChangeStatus.txt
ECHO. >>\\indiasophos\ps\PwdChangeStatus.txt
EXIT /B /0
Use this software to change the passwords of all machines in the Domain or in the file.
Download DC-PasswordChanger (DCPC)
http://www.danish-company.com/dcpc

Note **** Make sure not to select all machines in the Domain as this includes changing the Dc's Domain controllers passwords also then you may be having issues with the Domain\administrator logins.

Hope this helps.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question