Solved

Need a script that can set a local admin password

Posted on 2008-06-24
6
231 Views
Last Modified: 2010-04-16
I'd like a simple script to set the local admin password, something that can be applied via group policy.  Can anyone point me in the right direction on this?

Thanks!
0
Comment
Question by:instaIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 21857905
0
 
LVL 8

Expert Comment

by:rjwesley
ID: 21857973
Never tried it but I hear it works........http://www.systemtools.com/

http://technet.microsoft.com/en-ca/library/bb742536.aspx - possibly works on 2003?

Rob
0
 
LVL 17

Expert Comment

by:Jared Luker
ID: 21858170
Keep in mind that if you do that, you will be sending your local admin password out in plain text and also storing it in a location where users can get to it.

It's not a good idea security wise.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 5

Expert Comment

by:RightNL
ID: 21858438
do you absolutly need the localadmin? if not why not disable using gpo..

try: http://www.moernaut.com/default.aspx?item=supercrypt

and ofcourse there is an earlier solutions on this forum

http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_23433534.html

0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 21858494
You can 'build' yourself a little utility to change the local administrator's password remotely using the cusrmgr.exe command. I have written a very simple batch file below that will allow you to do it.

From an earlier post of mine:
I don't know how familiar you are with batch files so I will explain in detail.
Copy from the Windows 2000 Resource Kit or from  http://www.activexperts.com/activmonitor/windowsmanagement/reskit2000/  the file cusrmgr.exe and put it in a folder of your choice. I would do this from the domain controller but it should work from any workstation in the domain so long as you are logged in as a domain admin.
In the same folder create a batch file named ChngPass.bat or similar. Do this by entering the text below in Notepad and saving as "ChngPass.bat" make sure you use the quotation marks to assure it saves as a batch file. Enter your password in the first line of the batch file containing Set. Now simply run by going to a command prompt. Change to the directory where you put your files and enter:
 
ChngPass computername
 
I have incorporated the password in the batch file as I assume you want to change several computers, and this way you will not have to enter it each time. By the way enter the computer name only not \\computername.
NOTE: The password is stored in the batch file in clear text. As soon as you have completed your changes you should remove the password.
 
If you have many computers, or do this frequently, you can create a text list of computers and have it run a loop to change them all to the new password in one step. If you need a batch file to do that, I'm off for a couple of days, but let me know and I can modify and post on Monday for you .
--Rob
 
 
:: will change local administrator password on computer %1
:: enter your password in first set line
:: (Note: -P (warning, lower case p generates random password) see csrmgr.exe /? for full syntax
Cls
Set NewPW=newpassword
cusrmgr.exe -u Administrator -m \\%1 -P %NewPW
Set NewPW=
0
 
LVL 8

Accepted Solution

by:
CoyotesIT earned 500 total points
ID: 21860136
I use this for our quarterly password changes on all local admin accounts, this script renames the local administrator account to sysadmin, so if you dont want that take it out. then just add it to the startup scripts in your gpo...

Good luck!
On Error Resume Next
Const ForReading = 1
Const ForWriting = 2
Const ForAppending = 8
 
Set oFs = CreateObject("Scripting.FileSystemObject")
Set oLog = oFs.OpenTextFile("LocalPassword.log", ForAppending, True)
Set oNet = CreateObject("WScript.Network")
Set oArg = WScript.Arguments
 
'sComputer = oNet.ComputerName
sComputer = oArg(0)
sAdministratorName = "sysadmin"
sPassword = "<YOUR_NEW_PASSWORD>"
sLocalAdministrator = LCase(GetCurrentAdministratorName)
 
 
If sLocalAdministrator = sAdministratorName Then
    oLog.Write LogWriteTime & " " & sComputer & " - Found Local Administrator: " & sLocalAdministrator & vbcrlf
    Set oAccount = GetObject("WinNT://" & sComputer & "/" & sLocalAdministrator & ",user")
    oAccount.SetPassword sPassword
    oAccount.SetInfo
    
    If Err = 0 Then
        oLog.Write LogWriteTime & " " & sComputer & " - Password Set: True" & vbcrlf
    Else
        oLog.Write LogWriteTime & " " & sComputer & " - Password Set: False" & vbcrlf
    End If
    oLog.Close()
Else
    oLog.Write LogWriteTime & " " & sComputer & " - Found Local Administrator: " & sLocalAdministrator & vbcrlf
    Set oComputer = GetObject("WinNT://" & sComputer)
    Set oAccount = GetObject("WinNT://" & sComputer & "/" & sLocalAdministrator & ",user")
    oAccount.SetPassword sPassword
    oAccount.SetInfo
    
    If Err = 0 Then
        oLog.Write LogWriteTime & " " & sComputer & " - Password Set: True" & vbcrlf
    Else
        oLog.Write LogWriteTiime & " " & sComputer & " - Password Set: False" & vbcrlf
    End If
    
    Set oRenameAccount = oComputer.MoveHere(oAccount.ADsPath, sAdministratorName)
    
    If Err = 0 Then
        oLog.Write LogWriteTime & " " & sComputer & " - Renamed Local Administrator [" & sLocalAdministrator & "] to [" & sAdministratorName & "]: True" & vbcrlf
    Else
        oLog.Write LogWriteTime & " " & sComputer & " - Renamed Local Administrator [" & sLocalAdministrator & "] to [" & sAdministratorName & "]: False" & vbcrlf
    End If
    oLog.Close()
End If
 
Function GetCurrentAdministratorName
    Dim sUserSID, oWshNetwork, oUserAccount
 
    Set oWshNetwork = CreateObject("WScript.Network")
    Set oUserAccounts = GetObject("winmgmts://" & oWshNetwork.ComputerName & "/root/cimv2").ExecQuery("Select Name, SID from Win32_UserAccount" _
        & " WHERE Domain = '" & oWshNetwork.ComputerName & "'")
 
    On Error Resume Next
        For Each oUserAccount In oUserAccounts
        If Left(oUserAccount.SID, 9) = "S-1-5-21-" And Right(oUserAccount.SID, 4) = "-500" Then
            GetCurrentAdministratorName = oUserAccount.Name
            Exit For
        End if
    Next
End Function
 
Function LogWriteTime
    LogWriteTime = "[" & Date() & " - " & Time() & "] "
End Function

Open in new window

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
OneNote cannot connect to OneDrive 6 119
Cannot take ownership of a folder 8 77
Windows 2008 set profile 9 48
AD account Auto logoff 1 38
If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question