Christopher Casey asked:

PowerShell script receiving The following exception occurred while retrieving member "SetInfo": "Access is denied.

Hello,
When trying to run a PowerShell script to change a local admin password I receive the following:
The following exception occurred while retrieving member "SetInfo": "Access is denied.

The account I am running the script under had domain admin access so I am a bit lost as to why this is happening.

Thank you for any help!
yo_bee

Are you running Powershell as an ADMIN?  I would try that.
Right Click run as Administrator or hold Ctrl + Shift while opening.

ASKER

Yes, I am running logged in as domain admin and running PS as "Administrator"
Try running PS as a Different user that you know has Domain Admin privileges.

Can you post the script?
You may need to do this in your script
$SecurePassword = ConvertTo-SecureString 'Pa$$W0rd1' -AsPlainText -Force


Ok here is the script:

$path       = "C:\scripts\OutputTEST\OutputTEST.csv.gpg"
$fileexists = Test-Path $path
if ($fileexists) {
Write-Output "Nothing to do, Output directory already exists"
} else {
  New-Item -ItemType directory -Path C:\Scripts\Output\OutputTEST
}
$OldFileName = "C:\scripts\Output\OutputTEST\OutputTEST.csv.gpg"
$OldFileName2 = "C:\scripts\Output\PWLog.txt"
if (Test-Path $OldFileName) 
{
  Remove-Item $OldFileName
}
if (Test-Path $OldFileName2)
{
  Remove-Item $OldFileName2
}
Import-Module C:\scripts\PWRandom\GnuPg.psm1 -Force
$computers = Get-Content -path C:\Scripts\PWRandom\serversTEST.txt
$account = "employee"
$month = Get-Date -UFormat %m
$csv_file = "C:\scripts\Output\OutputTEST\OutputTEST.csv"
Set-Content -Path $csv_file -Value '"Server","Password"'
Foreach($computer in $computers)
{
    $Private:OFS=""
    $PasswordLength = 8
    $InclChars = "abcdefghkmnprstuvwxyzABCDEFGHKLMNPRSTUVWXYZ1234567890!@#$%^&*()?"
    $RandomNums = 1..$PasswordLength | ForEach-Object { Get-Random -Maximum $InclChars.length }
    $RNDOM = [String]$InclChars[$RandomNums]
    $m_start = "$month".Substring(0,1)
    $m_end = "$month".Substring(1,1)
    $comp_sub = "$computer".Substring(3,3)
    $password = "$m_start" + "$RNDOM" + "$comp_sub".ToLower() + "$m_end"
    Add-Content -Path $csv_file -Value "$computer,$password"
    $user = [ADSI]"WinNT://$computer/$account,user"
    $user.SetPassword($password)
    $user.SetInfo()
}
# Encrypt File
Add-Encryption -FolderPath C:\scripts\Output\OutputTEST
# Clear directory of all but encrypted file
$FileName = "C:\scripts\Output\OutputTEST\OutputTEST.csv"
$FileName2 = "C:\scripts\Output\OutputTEST\OutputTEST.csv.gpg.*"
if (Test-Path $FileName) 
{
  Remove-Item $FileName
}
if (Test-Path $FileName2) 
{
  Remove-Item $FileName2
}
# Email DL of Success/Fail
$path       = "C:\scripts\Output\OutputTEST\OutputTEST.csv.gpg"
$fileexists = Test-Path $path   
if ($fileexists) {
  Send-MailMessage `
    -From  `
    -To  `
    -Subject "Password Change successful!(Test)" `
    -Body "The password has been successfuly changed." `
    -SmtpServer prcrelay.prcins.net
} else {
  Send-MailMessage `
    -From  `
    -To  `
    -Subject "Password Change has failed! (Test)" `
    -Body "The password change script has failed,please check for errors and rerun PWRandom from the server again." `
    -SmtpServer 
}


Does it have to be Random or are you looking to change all computers local admin password?
Yes, the random is necessary, this is changing the password on all the local admin IDs
But you want it to be different on each machine?

Also how are you running this?  Are you connecting via Remote PSSESSION?
The script reads from a list of servers and performs the action against each server in the list
I do not see anywhere in your script the connection to the remote machines.
You can try this

$password = "$m_start" + "$RNDOM" + "$comp_sub".ToLower() + "$m_end"
############################################################
#This will create a secure string for your password.  I do this when creating bulk 
#accounts in AD
############################################################

$SecurePassword = ConvertTo-SecureString $password -AsPlainText -Force

############################################################
Add-Content -Path $csv_file -Value "$computer,$password"
$user = [ADSI]"WinNT://$computer/$account,user"
$user.SetPassword($SecurePassword)
$user.SetInfo()


Are you using a netbios name even if the computer is domain joined? Are you using credentials of a user which is local admin?
IMO using LAPS is a better way of doing this.
@yo_bee: I will try that and see if that resolves the issue.

@David Johnson: Unfamiliar with LAPS. Can it change a large list of servers?

Thank you all for the assistance
@David Johnson: Thank you for the suggestion, however that's a bit more involved than the project calls for.

Still trying to work through what is causing the error, something changed in the environment. Just not sure as to what.
As I keep on this I will update should I find a solution.

Thank you all! And if anyone has further ideas please let me know.
Just out of curiosity: are you using netbios names? WinNT provider should not work with FQDNs.
Moreover, you have to provide Administrator Credentials. On non joined computers that means using local admin creds
https://msdn.microsoft.com/en-us/library/aa746534(v=vs.85).aspx

Find here an old post which is explaining the process clearly and concisely
https://blogs.technet.microsoft.com/heyscriptingguy/2009/03/25/hey-scripting-guy-how-can-i-change-the-passwords-of-multiple-local-computer-accounts/
@Michelangelo: These servers are joined on the domain. The script is to randomize the local admin PW on the servers. I will look at the articles you posted as well
Roger that. Nevertheless you have to provide netbios names (i.e. mymachine ok, mymachine.dir.domain.com wrong)
I found this link https://4sysops.com/archives/change-the-local-administrator-password-on-multiple-computers-with-powershell/ that looks like it will get you past the issue you are having.


Snippet from the site that should replace your FOREACH loop
foreach ($Computer in $Computers) {
    $Computer = $Computer.toupper()
    $Isonline = "OFFLINE"
    $Status   = "SUCCESS"
    Write-Verbose "Working on $Computer"
    if((Test-Connection -ComputerName $Computer -count 1 -ErrorAction 0)) {
        $Isonline = "ONLINE"
        Write-Verbose "`t$Computer is Online"
    } else { Write-Verbose "`t$Computer is OFFLINE" }

    try {
        $account = [ADSI]("WinNT://$Computer/Administrator,user")
        $account.psbase.invoke("setpassword",$pwd1_text)
        Write-Verbose "`tPassword Change completed successfully"
    }
    catch {
        $status = "FAILED"
        Write-Verbose "`tFailed to Change the administrator password. Error: $_"
    }

    $obj = New-Object -TypeName PSObject -Property @{
        ComputerName = $Computer
        IsOnline = $Isonline
        PasswordChangeStatus = $Status
    }

    $obj | Select ComputerName, IsOnline, PasswordChangeStatus

    if($Status -eq "FAILED" -or $Isonline -eq "OFFLINE") {
        $stream.writeline("$Computer `t $isonline `t $status")
    }
}


Yep. It basically changes the method on the change password action. However, I suspect the error is in the format of the pathnames used with the winnt provider for the ADSI accelerator
@yo_bee: Will give that snippet a shot

@Michelangelo: the list of servers are set to the netbios names (<servername> not <servername.domain.tld>)
Who is Employee?

I see $account = "employee"
@yo_bee: Typo on the dummy name for the admin account
Ok, so in stripping down the script to its core I was able to run successfully. Now when I add the encryption lines back in that's when I get failure.

Import-Module C:\scripts\PWRandom\GnuPg.psm1 -Force
# Encrypt File
Add-Encryption -FolderPath C:\scripts\Output\OutputTEST
# Email DL of Success/Fail
$path       = "C:\scripts\Output\OutputMOD\OutputTEST.csv.gpg"
$fileexists = Test-Path $path   
if ($fileexists) {
  Send-MailMessage `
    -From email@email.com `
    -To email@email.com `
    -Subject "Password Change successful!(MOD)" `
    -Body "The password has been successfuly changed." `
    -SmtpServer prcrelay.prcins.net
} else {
  Send-MailMessage `
    -From email@email.com `
    -To email@email.com `
    -Subject "Password Change has failed!(MOD)" `
    -Body "The password change script has failed,please check for errors and rerun PWRandom from the server again." `
    -SmtpServer <relay server>
}


Paste the error text
ASKER CERTIFIED SOLUTION
yo_bee

This solution is only available to members.
The PW script itself works with no issues, the encryption part is not showing an error as much as just not doing anything.
So the issue seems to have shifted.
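
Added example, not posted by anyone in this thread: a variant of the per-server loop that draws each password from System.Security.Cryptography.RandomNumberGenerator with no month or host-name characters mixed in, and records a password only after the change succeeded, so a server that returned "Access is denied" never lands in the output file with a password it does not have. The function name New-RandomPassword, the 20-character length and the result columns are assumptions; the account name, alphabet and file paths are the ones posted above. Assumes PowerShell 3.0 or later.

```powershell
# Added example. Names marked (assumed) do not come from the thread.
function New-RandomPassword {
    param(
        [int]$Length = 20,   # (assumed) length; the thread's script uses 8
        [string]$Alphabet = 'abcdefghkmnprstuvwxyzABCDEFGHKLMNPRSTUVWXYZ1234567890!@#$%^&*()?'
    )
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $limit = 256 - (256 % $Alphabet.Length)   # bytes >= $limit are rejected (no modulo bias)
    $byte  = New-Object byte[] 1
    $sb    = New-Object System.Text.StringBuilder
    try {
        while ($sb.Length -lt $Length) {
            $rng.GetBytes($byte)
            if ($byte[0] -lt $limit) {
                [void]$sb.Append($Alphabet[$byte[0] % $Alphabet.Length])
            }
        }
    } finally { $rng.Dispose() }
    $sb.ToString()
}

$account   = 'employee'   # placeholder account name used in the thread
$computers = Get-Content -Path 'C:\Scripts\PWRandom\serversTEST.txt'
$csv_file  = 'C:\scripts\Output\OutputTEST\OutputTEST.csv'

$results = foreach ($computer in $computers) {
    $password = New-RandomPassword
    $status   = 'SUCCESS'
    $detail   = ''
    try {
        # WinNT provider with the NetBIOS name, as discussed in the thread
        $user = [ADSI]"WinNT://$computer/$account,user"
        $user.psbase.Invoke('SetPassword', $password)
    } catch {
        $status   = 'FAILED'
        $detail   = $_.Exception.Message   # e.g. "Access is denied"
        $password = $null                  # never record a password that was not applied
    }
    [pscustomobject]@{ Server = $computer; Password = $password; Status = $status; Detail = $detail }
}

# Report every server without exposing secrets
$results | Select-Object Server, Status, Detail | Format-Table -AutoSize

# Only passwords that were actually set reach the file that is encrypted afterwards
$results | Where-Object { $_.Status -eq 'SUCCESS' } |
    Select-Object Server, Password |
    Export-Csv -Path $csv_file -NoTypeInformation
```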