Solved

Local Admin Passwords

Posted on 2010-08-25
11
472 Views
Last Modified: 2013-12-26
Answer Worth 500 Points!

Objective: In a 2003server / XP Client enviroment - Deploy a solution to quickly change/reset administrator local password in automation. One-time only logon change needed.

Current Solution: Scripting a logon with Group Policy to change local admin password.

Problem: Does not work with current client access- will require admin rights. An need a work around.

On Error Resume Next
Set objOU = GetObject("LDAP://OU=Computers, OU=Engineering, DC=<SERVER>, DC=LOCAL")
objOU.Filter = Array("Computer")

For Each objItem in objOU
    strComputer = objItem.CN
    Set objUser = GetObject("WinNT://" & strComputer & "/Administrator")
    objUser.SetPassword("Password")
Next

Wscript.Echo "Passwords have been changed.!"
0
Comment
Question by:Jmarcomb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
11 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33523897
Do you have any Windows Vista/7/2008 boxes anywhere in your domain.  If you do you can use group policy preferences to do this

http://abskb.spaces.live.com/blog/cns!8834054641A09100!1071.entry?sa=500679251

Thanks

Mike
0
 

Author Comment

by:Jmarcomb
ID: 33524265
I have a few windows 7 clients. The directions in the link are unclear for me to proceed.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33524609
So with Windows 7 clients you can use GPP, Darren has a good overview here

http://www.gpoguy.com/Portals/0/Group%20Policy%20Preferences%20Overview.pdf

The XP machines will need some pre-reqs.

I'll also add the VBScript zone to this question

Thanks

Mike
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Jmarcomb
ID: 33525600
Resarching your solution..
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 33527512
Hi, first off, the script you have should not be run at logon, because it runs against multiple computers each time it is run.

All you should need is a startup script (under Computer Configuration) applied to the OU in question, with the following code:

    Set objNetwork = CreateObject("WScript.Network")
    strComputer = objNetwork.ComputerName
    Set objUser = GetObject("WinNT://" & strComputer & "/Administrator")
    objUser.SetPassword("Password")

Regards,

Rob.
0
 

Author Comment

by:Jmarcomb
ID: 33554154
Still working solution.. Will have an answer monday. Thanks.
0
 

Author Closing Comment

by:Jmarcomb
ID: 33562301
There are other options. This one is the best way for my network.
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33563341
Thanks for the grade.

Regards,

Rob.
0
 

Author Comment

by:Jmarcomb
ID: 33566445
Ok- I jumped the gone on this topic. It did not work with group policy from the domain controller to clients using XP. It would however work from locl machine group policy. That is not the desired effect. I want to control it from a central location.
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33572636
For it to work from domain Group Policy, you need to have it as a StartUp script, under Computer Configuration, and you should be pointing the policy to the script that you have copied directly into the NetLogon share of your domain controllers.

Regards,

Rob.
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setup new Server 2012R2 DC 1 63
Testrail - Active Directory integration. 4 35
List of Active Users in AD 5 60
CMD VB Script: remove empty rows 12 13
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
The viewer will learn how to count occurrences of each item in an array.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question