eallerton
asked on
Script to change passwords in local services on Windows 2003
Hey Everyone,
I need a script to change all the passwords tied to Services on my Windows 2003 Machines.
I'm changing the local password (for security purposes) and I need a script to run and change all the passwords in the services so nothing stops.
Help please!
Thanks
I need a script to change all the passwords tied to Services on my Windows 2003 Machines.
I'm changing the local password (for security purposes) and I need a script to run and change all the passwords in the services so nothing stops.
Help please!
Thanks
ASKER
The account that all services are usually bound to is the default administrator local account, or am I mistaken?
That being said, I want to change all the passwords using the local administrator to the desired password.
Also, I'm assuming to make that into a batch file and run it, correct?
That being said, I want to change all the passwords using the local administrator to the desired password.
Also, I'm assuming to make that into a batch file and run it, correct?
Not at all; just check the "Logon as" column in services.msc. Unless you've installed your own services, the accounts used are Local Service, Local System, Network Service.
Yes, you can use the above as template.
But then again, since you might have to change the properties of some services anyway, why not go the full nine yards and change services using "Administrator" to dedicated accounts?
Yes, you can use the above as template.
But then again, since you might have to change the properties of some services anyway, why not go the full nine yards and change services using "Administrator" to dedicated accounts?
ASKER
Just to make sure I understand this.
BACKUP EXEC is using Domain\Administrator (If I change the admin password, do I need to change the password in the services)
about 70% of the services are local system (I assume I need to change the password if I change the local server's password, correct?)
Some are NT AUTHORITY\LocalService or NT AUTHORITY\NetworkService (I assume I Don't need to touch these)
Is it best practice to have ALL the services running as Local System/Service/NetworkServ
Or just all the Windows 2003 builtin services and have all the installed software (BACKUP EXEC) run on a dedicated account
BACKUP EXEC is using Domain\Administrator (If I change the admin password, do I need to change the password in the services)
about 70% of the services are local system (I assume I need to change the password if I change the local server's password, correct?)
Some are NT AUTHORITY\LocalService or NT AUTHORITY\NetworkService (I assume I Don't need to touch these)
Is it best practice to have ALL the services running as Local System/Service/NetworkServ
Or just all the Windows 2003 builtin services and have all the installed software (BACKUP EXEC) run on a dedicated account
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
That said, you can use sc.exe to change the service password (and/or the service account) (note the space after "password="!).
Try to avoid the following characters in the password, as they may lead to unexpected results: < | > % ^ &
Note that the service will have to be restarted once the password has been changed.
Open in new window