Script that appends whole or part of serial number to password

Thomas Zucker-Scharff
Thomas Zucker-Scharff used Ask the Experts™
on
A friend of mine is trying to do the following (as best I can understand):

If there are 2 computers and one is 1b2f1 and the second is 1b2f2 and the password is password, then the first computer would be set to password1b2f1 and the second would be set to password1b2f2.  Anyone done this (with a script as there are a ton of computers to do)?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jose Gabriel Ortega CastroCEO Faru Bonon IT /Top Rated Freelancer on Upwork / Photographer
Awarded 2018
Distinguished Expert 2018

Commented:
What bout this:
"1b2f1","1b2f2" |%{  $name="password$_"; write-host $name}

Open in new window

Distinguished Expert 2018

Commented:
Hi.

Net user username password%computername%

Open in new window

Jose Gabriel Ortega CastroCEO Faru Bonon IT /Top Rated Freelancer on Upwork / Photographer
Awarded 2018
Distinguished Expert 2018

Commented:
Or for this :
#Do-ChangePassword -Filepath ".\computersfile.txt"
[cmdletbinding()]
param(
    #parameter to be received as mandatory with the url of the txt file with the name of computers.
    [Parameter(Mandatory=$true,Position=0,ValueFromPipeline=$true)]$FilePath
)

#this function will check if the computer is online and will check the password after that check.
function Reset-LocalAdminPassword{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer,
        [Parameter(position=0,mandatory=$true)]$pwd
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $account = [ADSI]("WinNT://$Computer/Administrator,user")
            $account.psbase.invoke("setpassword",$pwd)
            Write-Verbose "`tPassword Change completed successfully"
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        
        $obj = New-Object -TypeName PSObject -Property @{"ComputerName"= $Computer;"IsOnline"=$Isonline;"PasswordChangeStatus"=$Status}
        $obj | Select ComputerName, IsOnline, PasswordChangeStatus
 

    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
}

#this is the script itself it will read the file from computers and it will be setting up the password variable and set that up into the computer administrator account.
Get-Context $FilePath | %{ $password="password$_"; Reset-LocalAdminPassword -Computer $_ -pwd $password }

Open in new window

Save the file as Do-ChangePassword.ps1

Do-ChangePassword.ps1 -Filepath ".\computersfile.txt"

Open in new window

11/26 Forrester Webinar: Savings for Enterprise

How can your organization benefit from savings just by replacing your legacy backup solutions with Acronis' #CyberProtection? Join Forrester's Joe Branca and Ryan Davis from Acronis live as they explain how you can too.

Author

Commented:
I have given the info you both provided to my friend and he will get back to me as to the best answer.

Author

Commented:
The script seems to work except it gets the computer name instead of the serial number.  Is there a way to get the serial number instead?
Jose Gabriel Ortega CastroCEO Faru Bonon IT /Top Rated Freelancer on Upwork / Photographer
Awarded 2018
Distinguished Expert 2018

Commented:
Yes but some of them should not have
wmic /NODE "PCName" bios get serialnumber

Open in new window


source:https://www.petri.com/forums/forum/microsoft-networking-services/system-management/48577-retrieving-a-serial-from-a-remote-computer
CEO Faru Bonon IT /Top Rated Freelancer on Upwork / Photographer
Awarded 2018
Distinguished Expert 2018
Commented:
#Do-ChangePassword -Filepath ".\computersfile.txt"
[cmdletbinding()]
param(
    #parameter to be received as mandatory with the url of the txt file with the name of computers.
    [Parameter(Mandatory=$true,Position=0,ValueFromPipeline=$true)]$FilePath
)

#this function will check if the computer is online and will check the password after that check.
function Reset-LocalAdminPassword{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer,
        [Parameter(position=0,mandatory=$true)]$pwd
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $account = [ADSI]("WinNT://$Computer/Administrator,user")
            $account.psbase.invoke("setpassword",$pwd)
            Write-Verbose "`tPassword Change completed successfully"
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        
        $obj = New-Object -TypeName PSObject -Property @{"ComputerName"= $Computer;"IsOnline"=$Isonline;"PasswordChangeStatus"=$Status}
        $obj | Select ComputerName, IsOnline, PasswordChangeStatus
 

    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
}
function Get-SerialNumber{
    [Cmdletbinding()]
    param(
        [Parameter(position=0,mandatory=$true)]$Computer
    )
    BEGIN{
        #check if computer is online
        #$secureString = $pwd | ConvertTo-SecureString -AsPlainText -Force
        $Computer = $Computer.toupper()
        $Isonline = "OFFLINE"
        $Status   = "SUCCESS"
            Write-Verbose "Working on $Computer"
        if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
            $Isonline = "ONLINE"
            Write-Verbose "`t$Computer is Online"
        }
        else { Write-Verbose "`t$Computer is OFFLINE" }
    }
    PROCESS{
        try {
            $serial = wmic /NODE $Computer bios get serialnumber -ea stop
            if(!$serial)
            {
                Write-Verbose "`tPSerial received correctly"
            }
            
        }
        catch {
            $status = "FAILED"
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
    }
    END{
        if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
            $error=$_.Exception.Message
            write-host "Failed to set the password for the local admin with message: $error".
        }
        if(!$serial){return $serial}
    }
}

#this is the script itself it will read the file from computers and it will be setting up the password variable and set that up into the computer administrator account.
Get-Context $FilePath | %{ 
    #get serial
    $serial=Get-SerialNumber -Computer $_; 
    #Append to the word password at the beginning
    $password="password$serial"; 
    #reset local admin password
    Reset-LocalAdminPassword -Computer $_ -pwd $password }

Open in new window

Distinguished Expert 2018

Commented:
Thomas, what serial number? Where can it be retrieved? Should it be retrieved at all, or do you already have a list that connects pc name and serial number?

And by the way, why would you construct a password that way, what is the reason?

Author

Commented:
I am a little unclear as to the reason.  He is the Security Analyst/Officer for a university. They are trying to implement  a way to prevent users in moving some way. He can explain it better.  He is reading this thread,  butt cannot post. I'll ask him for specifics.
Top Expert 2016

Commented:
let them only logon to ONE computer by using Active Directory

Author

Commented:
I spoke to my friend and this script solved the issue

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial