Script that appends whole or part of serial number to password

A friend of mine is trying to do the following (as best I can understand):

If there are 2 computers and one is 1b2f1 and the second is 1b2f2 and the password is password, then the first computer would be set to password1b2f1 and the second would be set to password1b2f2.  Anyone done this (with a script as there are a ton of computers to do)?
LVL 31
Thomas Zucker-ScharffSolution GuideAsked:
Who is Participating?
 
Jose Gabriel Ortega CEE Solution Guide - CEO Faru Bonon ITCommented:
#Do-ChangePassword -Filepath ".\computersfile.txt"
[cmdletbinding()]
param(
    #parameter to be received as mandatory with the url of the txt file with the name of computers.
    [Parameter(Mandatory=$true,Position=0,ValueFromPipeline=$true)]$FilePath
)

#this function will check if the computer is online and will check the password after that check.
function Reset-LocalAdminPassword{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer,
        [Parameter(position=0,mandatory=$true)]$pwd
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $account = [ADSI]("WinNT://$Computer/Administrator,user")
            $account.psbase.invoke("setpassword",$pwd)
            Write-Verbose "`tPassword Change completed successfully"
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        
        $obj = New-Object -TypeName PSObject -Property @{"ComputerName"= $Computer;"IsOnline"=$Isonline;"PasswordChangeStatus"=$Status}
        $obj | Select ComputerName, IsOnline, PasswordChangeStatus
 

    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
}
function Get-SerialNumber{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $serial = wmic /NODE $Computer bios get serialnumber -ea stop
            if(!$serial)
            {
                Write-Verbose "`tPSerial received correctly"
            }
            
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        if(!$serial){return $serial}
    }
}

#this is the script itself it will read the file from computers and it will be setting up the password variable and set that up into the computer administrator account.
Get-Context $FilePath | %{ 
    #get serial
    $serial=Get-SerialNumber -Computer $_; 
    #Append to the word password at the beginning
    $password="password$serial"; 
    #reset local admin password
    Reset-LocalAdminPassword -Computer $_ -pwd $password }

Open in new window

0
 
Jose Gabriel Ortega CEE Solution Guide - CEO Faru Bonon ITCommented:
What bout this:
"1b2f1","1b2f2" |%{  $name="password$_"; write-host $name}

Open in new window

0
 
McKnifeCommented:
Hi.

Net user username password%computername%

Open in new window

1
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
Jose Gabriel Ortega CEE Solution Guide - CEO Faru Bonon ITCommented:
Or for this :
#Do-ChangePassword -Filepath ".\computersfile.txt"
[cmdletbinding()]
param(
    #parameter to be received as mandatory with the url of the txt file with the name of computers.
    [Parameter(Mandatory=$true,Position=0,ValueFromPipeline=$true)]$FilePath
)

#this function will check if the computer is online and will check the password after that check.
function Reset-LocalAdminPassword{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer,
        [Parameter(position=0,mandatory=$true)]$pwd
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $account = [ADSI]("WinNT://$Computer/Administrator,user")
            $account.psbase.invoke("setpassword",$pwd)
            Write-Verbose "`tPassword Change completed successfully"
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        
        $obj = New-Object -TypeName PSObject -Property @{"ComputerName"= $Computer;"IsOnline"=$Isonline;"PasswordChangeStatus"=$Status}
        $obj | Select ComputerName, IsOnline, PasswordChangeStatus
 

    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
}

#this is the script itself it will read the file from computers and it will be setting up the password variable and set that up into the computer administrator account.
Get-Context $FilePath | %{ $password="password$_"; Reset-LocalAdminPassword -Computer $_ -pwd $password }

Open in new window

Save the file as Do-ChangePassword.ps1

Do-ChangePassword.ps1 -Filepath ".\computersfile.txt"

Open in new window

0
 
Thomas Zucker-ScharffSolution GuideAuthor Commented:
I have given the info you both provided to my friend and he will get back to me as to the best answer.
0
 
Thomas Zucker-ScharffSolution GuideAuthor Commented:
The script seems to work except it gets the computer name instead of the serial number.  Is there a way to get the serial number instead?
0
 
Jose Gabriel Ortega CEE Solution Guide - CEO Faru Bonon ITCommented:
Yes but some of them should not have
wmic /NODE "PCName" bios get serialnumber

Open in new window


source:https://www.petri.com/forums/forum/microsoft-networking-services/system-management/48577-retrieving-a-serial-from-a-remote-computer
0
 
McKnifeCommented:
Thomas, what serial number? Where can it be retrieved? Should it be retrieved at all, or do you already have a list that connects pc name and serial number?

And by the way, why would you construct a password that way, what is the reason?
0
 
Thomas Zucker-ScharffSolution GuideAuthor Commented:
I am a little unclear as to the reason.  He is the Security Analyst/Officer for a university. They are trying to implement  a way to prevent users in moving some way. He can explain it better.  He is reading this thread,  butt cannot post. I'll ask him for specifics.
0
 
David Johnson, CD, MVPOwnerCommented:
let them only logon to ONE computer by using Active Directory
0
 
Thomas Zucker-ScharffSolution GuideAuthor Commented:
I spoke to my friend and this script solved the issue
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.