I've written such a script. We are running with XP clients on a Windows
2003 domain, but I don't think that should be a problem. You will have
to change admin1 and admin2 to the names of your local administrator
accounts. If you only have one administrator account on each machine,
you can simplify the script. By the way, I found lots of sample scripts
out there from which I built this script; I don't deserve much credit.
Sandy
==========================================================================
'// ChangeLocalPassword.vbs - script to change the password for local
'// administrator accounts on each computer in
'// the AD domain
'// 05/04 (slm)
'// 06/04 changed to change 2 accounts in one pass
'//
'// Usage: ChangeLocalPassword.vbs
'//
'// The script prompts the user for the passwords for the local
'// administrator accounts. It uses a list of computers named
'// PC_list.txt that should be in this directory. The logfile includes
'// a list of computers on which the passwords were changed and those
'// not changed. The NOTchanged.txt file is a list of machines on
'// which the passwords were not changed. This can be used to run the
'// script again and try on just those machines.
Option Explicit
On Error Resume Next
Err.Clear
'// Set constants.
Const ForReading = 1
Const ComputerList = "E:\Scripts\Admin Passwords\PC_list.txt"
'// Define variables.
Dim fso, inputFile, logFile, notChanged
Dim accountName, admin1Password, admin2Password
Dim strComputer, objUser, Changed
'// This script must be run under an administrative account.
WScript.Echo "STOP!! This script MUST be run as an administrator."
'// Open the computer list file and create the log files.
Set fso = CreateObject("Scripting.FileSystemObject")
If (Not fso.FileExists(ComputerList)) Then
WScript.Echo "Computer list file does not exist."
WScript.Quit
End If
Set inputFile = fso.OpenTextFile(ComputerList, ForReading, False)
Set logFile = fso.CreateTextFile("changed.log", vbTrue)
Set notChanged = fso.CreateTextFile("NOTchanged.txt", vbTrue)
'// Prompt the user for the new password for the account.
admin1Password = GetPassword("admin1")
admin2Password = GetPassword("admin2")
'// Loop through the list of computers.
Do While inputFile.AtEndOfStream <> True
strComputer = inputFile.ReadLine
Changed = vbFalse
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/admin1, user")
If (Err.Number = 0) Then
objUser.SetPassword admin1Password
objUser.SetInfo
If (Err.Number = 0) Then
logFile.WriteLine("Password changed for admin1 on " & strComputer)
Changed = vbTrue
Else
logFile.WriteLine("Could NOT set password for admin1 on " & _
strComputer)
notChanged.WriteLine(strComputer)
End If
Else
logFile.WriteLine("Could NOT connect to " & strComputer & _
" for admin1")
notChanged.WriteLine(strComputer)
End If
Set objUser = Nothing
If (Changed) Then ' admin1 successful, change admin2
Changed = vbFalse
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/admin2, user")
If (Err.Number = 0) Then
objUser.SetPassword admin2Password
objUser.SetInfo
If (Err.Number = 0) Then
logFile.WriteLine("Password changed for admin2 on " & _
strComputer)
Changed = vbTrue
Else
logFile.WriteLine("Could NOT set password for admin2 on " & _
strComputer)
notChanged.WriteLine(strComputer)
End If
Else
logFile.WriteLine("Could NOT connect to " & strComputer & _
" for admin2")
notChanged.WriteLine(strComputer)
End If
Set objUser = Nothing
End If
Loop
inputFile.Close
logFile.Close
notChanged.Close
Set fso = Nothing
Set inputFile = Nothing
Set logFile = Nothing
Set notChanged = Nothing
WScript.Echo "Script done"
wScript.Quit
'//============================================================================
'// Subroutines.
Function GetPassword(accountName)
Dim newPassword
newPassword = InputBox("What do you want the new password to be for " &_
accountName & "?")
If (len(newPassword) < 8) Then
MsgBox "The password you entered is too short" & vbCrLf & _
"It is only " & len(newPassword) & " and it must be" & _
vbCrLf & "at least 8 characters long."
WScript.Quit
End If
GetPassword = newPassword
End Function
Hi All,
We are running w2k and xp clients on an NT4 domain. I would like to be able
to run a script that will remotely change the local Administrator account and
password on the 2k/XP clients. My thought is a script that would read a txt
file of computer names and provide an error log.
Any help would be appreciated.
--
Sandra L Miller
Windows System Administrator
Department of Computer Science
University of Arizona
"The opinions or statements expressed herein are my own and should not be
taken as a position, opinion, or endorsement of the University of Arizona."
