Wednesday, November 21, 2007

Change the Local Administrator password on all your domain computers

Imagine this - 200 servers and 1,500 workstations. How would you change the local Administrator password (or any other account which you use to administer the local machine)? Being the lazy guy as I always have been, I don't want to do things which would be repetitive so I wrote a script. This uses a list of servers and workstations stored in a text file named computerList.txt (you can use either hostnames or IP addresses although I prefer IP) and generates a CSV file which I can use as a report.


Dim loopCount, directory, objFSO,objFile,objFSO2,objFile2


'Gets the directory where our script is running from
directory = CreateObject("Scripting.FileSystemObject").GetParentFolderName(Wscript.ScriptFullName)


Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(directory & "\computerList.txt", 1)


'===LOG of servers with successful PING
strFilePath = directory & "\serversPING.csv"
Set objFSO2 = CreateObject("Scripting.FileSystemObject")
' Open the file for write access.
On Error Resume Next
Set objFile2 = objFSO2.OpenTextFile(strFilePath, 2, True, 0)
If (Err.Number <> 0) Then
On Error GoTo 0
Wscript.Echo "File " & strFilePath & " cannot be opened"
Set objFSO2 = Nothing
End If
On Error GoTo 0


'Write HEADER
objFile2.WriteLine "SERVER,REACHABLE,PASSWORD CHANGED"



Do Until objFile.AtEndOfStream
strComputer = objFile.ReadLine


If Reachable(strComputer) Then
strReachable = "REACHABLE"
strPasswordChanged = "SUCCESSFUL"
Call SetPassword(strComputer)
Else
strReachable = "UNREACHABLE"
strPasswordChanged = "FAILURE"
End If


objFile2.WriteLine strComputer & "," & strReachable & "," & strPasswordChanged


Loop


objFile.Close
Set objFSO =NOTHING
Set objFile = NOTHING

objFile2.Close
Set objFSO2 =NOTHING
Set objFile2 = NOTHING


MSGBOX "Finished"



'===============================
Function Reachable(strComputer)
' On Error Resume Next


Dim wmiQuery, objWMIService, objPing, objStatus

wmiQuery = "Select * From Win32_PingStatus Where Address = '" & strComputer & "'"

Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")
Set objPing = objWMIService.ExecQuery(wmiQuery)

For Each objStatus in objPing
If IsNull(objStatus.StatusCode) Or objStatus.Statuscode<>0 Then
Reachable = False 'if computer is unreacable, return false
Else
Reachable = True 'if computer is reachable, return true
End If
Next

End Function



'===================================
Function SetPassword(strComputer)
strComputer = strComputer
Set objUser = GetObject("WinNT://" & strComputer & "/Administrator, user")
objUser.SetPassword "
T3$tP@$$w0rd"
objUser.SetInfo

End Function

Imagine how much time can be saved if you needed to do this ever 45 days. I'll work on something which reads Active Directory for the list of all computers and servers joined in the domain so one does not need to create the computerList.txt file
Google