Link to home
Create AccountLog in
Avatar of Thomas Zucker-Scharff
Thomas Zucker-ScharffFlag for United States of America

asked on

Script that appends whole or part of serial number to password

A friend of mine is trying to do the following (as best I can understand):

If there are 2 computers and one is 1b2f1 and the second is 1b2f2 and the password is password, then the first computer would be set to password1b2f1 and the second would be set to password1b2f2.  Anyone done this (with a script as there are a ton of computers to do)?
Avatar of J0rtIT
J0rtIT
Flag of Venezuela, Bolivarian Republic of image

What bout this:
"1b2f1","1b2f2" |%{  $name="password$_"; write-host $name}

Open in new window

Hi.

Net user username password%computername%

Open in new window

Or for this :
#Do-ChangePassword -Filepath ".\computersfile.txt"
[cmdletbinding()]
param(
    #parameter to be received as mandatory with the url of the txt file with the name of computers.
    [Parameter(Mandatory=$true,Position=0,ValueFromPipeline=$true)]$FilePath
)

#this function will check if the computer is online and will check the password after that check.
function Reset-LocalAdminPassword{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer,
        [Parameter(position=0,mandatory=$true)]$pwd
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $account = [ADSI]("WinNT://$Computer/Administrator,user")
            $account.psbase.invoke("setpassword",$pwd)
            Write-Verbose "`tPassword Change completed successfully"
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        
        $obj = New-Object -TypeName PSObject -Property @{"ComputerName"= $Computer;"IsOnline"=$Isonline;"PasswordChangeStatus"=$Status}
        $obj | Select ComputerName, IsOnline, PasswordChangeStatus
 

    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
}

#this is the script itself it will read the file from computers and it will be setting up the password variable and set that up into the computer administrator account.
Get-Context $FilePath | %{ $password="password$_"; Reset-LocalAdminPassword -Computer $_ -pwd $password }

Open in new window

Save the file as Do-ChangePassword.ps1

Do-ChangePassword.ps1 -Filepath ".\computersfile.txt"

Open in new window

Avatar of Thomas Zucker-Scharff

ASKER

I have given the info you both provided to my friend and he will get back to me as to the best answer.
The script seems to work except it gets the computer name instead of the serial number.  Is there a way to get the serial number instead?
ASKER CERTIFIED SOLUTION
Avatar of J0rtIT
J0rtIT
Flag of Venezuela, Bolivarian Republic of image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thomas, what serial number? Where can it be retrieved? Should it be retrieved at all, or do you already have a list that connects pc name and serial number?

And by the way, why would you construct a password that way, what is the reason?
I am a little unclear as to the reason.  He is the Security Analyst/Officer for a university. They are trying to implement  a way to prevent users in moving some way. He can explain it better.  He is reading this thread,  butt cannot post. I'll ask him for specifics.
let them only logon to ONE computer by using Active Directory
I spoke to my friend and this script solved the issue