Reset all my local administrator workstation password 1

[DarkHat]

Hello to all,

We run a win2k domain with more then 600 workstations. They all have the same administrator password... But now some of our users know the password...

Is there any way that I can chance the administrator password on all of my workstation without loggin on all of them?
Is there a policy in ADS for that? (I don't see any)

Hope you can help me.

 

[Hondy]

How about this in a log in script:

strComputer = "MyComputer"
Set objUser = GetObject("WinNT://" & strComputer & "/Administrator, user&quot
objUser.SetPassword "testpassword"
objUser.SetInfo

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/user/ScrUG03.asp

 

[DarkHat]

I put that in a .bat file?

 

[wolluf]

What about pspasswd - part of pstools freeware from

http://www.sysinternals.com.

 

[DarkHat]

Here is what I did..... Not with pspasswd but with psexec... It's work good but you have to a have a update list of your computers...
@echo off

set domain=mydomain.com
set user=[DOMAINEADMINUSERNAME]
set password=[USERPASSWORD]
set newpassword=[NEWPASSWORD]

if exist chpass.log del chpass.log >nul

for /F %%i in (list.txt) do call assloop %%i
goto :end


assloop
echo Updating password on %1
psexec \\%1 -u %domain%\%user% -p %password% net user administrator %newpassword% >tempfile.1
find "The command completed successfully." tempfile.1 >nul
if errorlevel 1 echo Failed to update password on %1 >>chpass.log
if errorlevel 0 echo Successfully updated password on %1 >>chpass.log
del tempfile.1 >nul
goto :eof

:end

 

[Hondy]

DarkHat
The script works in WMI/vbs/WSH so you can save it as a test file with the extension VBS for example and run it through your login script.

 

[tubbaguts]

Here is a script that you (being a domain admin) can run from your workstation and hit every powered on machine to change the local admin password. You need to create a text file that has all the machine names in you domain for the script to pull from. Here is the script:

'This script will take computer names from a file and change the local administrator account password to one of

your choosing. It will write the successes and failures to separate files as it goes along. This could be useful

in a small business where you want to keep the passwords the same or in the same format for all NT workstations.

'~~Script~~.
set fsomain=createobject("scripting.filesystemobject&quot
set failedmachines=fsomain.createtextfile("c:\failed.txt&quot
set successmachines=fsomain.createtextfile("c:\success.txt&quot

Dim txtcomputername
Dim passwrd

On Error Resume Next

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'Go thru each computer and change the admin password '
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''

'Open the text file
set machines=fsomain.opentextfile("c:\pcs.txt&quot

'Start looping through the machine names in the file
Do While not machines.AtEndOfLine
txtcomputername = machines.ReadLine
'Goto the local Admin account of the machine
set usr = GetObject("WinNT://" & txtcomputername & "/administrator,user&quot
'IF you have an error, write to the failed file and do not attempt to change the password
If Err Then
HandleErr()
Err.Clear
Else
passwrd = "password"
usr.SetPassword passwrd
usr.SetInfo
successmachines.WriteLine txtcomputername & " was successful"
End If
loop

'Close all open files
txtdata.close
failedmachines.close
successmachines.close

'Present yourself a message so you'll know its finsihed
msgbox "Done"

set fsomain=nothing
set txtdata=nothing
set usr=nothing
set dellasset=nothing


Sub HandleErr()
failedmachines.WriteLine txtcomputername & " " & "was probably powered off. " & Err.Number
End Sub

Hope this helps.

 

[ned4spd8874]

Would any of these scripts work in a workgroup environment? I have Windows 2000 Pro in a novell workgroup environment and need to reset all my local admin accounts.

 

[JillofAllTrades]

tubbaguts - you rock!! Star for you!

Christine

 

[rigsville]

I use `Reset Local Password Pro'

Amazing program, allows you to select the workstations and apply the same local administrator password to them.

You can download a trial copy from:

http://www.keroonsoftware.com

 

[markdmac]

There is a Resource Kit utiltiy to do what you are looking for. It is easy to script and should do the job for you if tuggabouts script won't do the job.

Here is the script I use. This script also renames the local admin account, making it harder for people to hack.

'***********************************************************************************
'Rename Local Admin Account ***
'By Mark MacLachlan ***
'Purpose: renames admin account and resets password using resource kit utility CUSRMGR ***
'Creation date: 10/8/2002 ***
'Dependencies: requires local file named wslist.txt with workstation names ***
'************************************************************************************
On Error Resume Next

'open the file system object
Set oFSO = CreateObject("Scripting.FileSystemObject")
set objShell = wscript.createObject("wscript.shell")
'open the data file
Set oTextStream = oFSO.OpenTextFile("wslist.txt")
'make an array from the data file
RemotePC = Split(oTextStream.ReadAll, vbNewLine)
'close the data file
oTextStream.Close

For Each strWorkstation In RemotePC
'Do something useful with strWorkstation
'reset the password of !sdadmin if it exists, otherwise script will ignore
Call objShell.Run("cmd.exe /C C:\Progra~1\Resour~1\cusrmgr -u !sdadmin -m \\" & strWorkstation & " -P ""password""", 0, true)
'renames admin account to !sdadmin and the resets password to default
Call objShell.Run("cmd.exe /C C:\Progra~1\Resour~1\cusrmgr -u administrator -m \\" & strWorkstation & " -P ""password"" -r !sdadmin", 0, true)

Next

Set oFSO = Nothing
Msgbox "All done"
WScript.Quit(0)

I hope you find this post helpful. Please let me know if it was.

Regards,

Mark