I am looking for a logon script that will change the local admin password. I have tried several with no luck. Can someone help??
4 Spice ups
You should give it some time before you start posting nearly the same exact post again.
Are you trying to change the local admin accounts on workstations, servers, or DCs?
Check this link here
http://www.visualbasicscript.com/m_2957/tm.htm
From the other site i put the link up for i found this staight from MS
Using a computer startup script as opposed to a logon script should take care of you.
In his defense I have been having issue posting recently where it looks like my post didnt go through when it actually did and I have had to retype, could be that he is experiencing the same issue and it is not just me.
Scott I suggest closing one of the threads so we can consolidate answers.
Sorry, i had not known of any posting issues.
Neither had I until right now 
I will make note to screenshot it and start a question now that I am seeing evidence of this in other questions. I thought it was just my connection.
Yes I was having a crash when I tried to post… sorry for the issue.
Thanks for the responce!
The first link woks for about 20% of the computers (I tired that one yesterday)
The second one will not work for my location due to needing a list of computers.
I am tring to change the passwords on all workstations in my domain and I want it to keep a list of what systems have been changed and I dont want to provide a list of computers, just want it to apply to all computers on the domain
You can always set them manually through the computer management console remoting each pc locally. Pretty fast way to do it if it is your first time, this will guarantee all are the same. Perhaps there is a problem where some of the PCs have a different local password and the first time around you will need to do it manually.
Other thing would be to use pstools and create a simple script with PsPasswd, you would still need to get a list of PCs to parse somehow, or know an IP range so you culd create the loop.
Well, if use set up a GPO then it should cover all of your computers. Most domains have a GPudate that cycles rather frequently.
If you want to make a list of PC that have been completed then you could make a batch file that will run along side the Passwordchange.vbs that will >> (append) its computer name to a text file on a network drive. To keep it from doing this more than once you could have in the beginning of the batfile have it check for a specific file on the c drive.
Forgive me for this being really rough but im doing it on the fly.
@echo off
IF EXIST c:\changed.txt GOTO END
echo %computername% >> z::\completedlog.txt
time /t >> z::\completedlog.txt
echo . >> z::\completedlog.txt
echo . >> z::\completedlog.txt
echo . >> z::\completedlog.txt
echo . >> c:\changed.txt
:END
I already gave my 2 pennies on the other post. That’s about all it’s worth right now as there’s no script yet. But I hope to ultimately have 2 - one to change individual systems, and one for domain-wide changes, but the later is a little lofty.
http://community.spiceworks.com/topic/25010?page=1#entry-81347
this is not a script but will accomplish what you want very nicely
http://www.avianwaves.com/Tech/Tools/XS_BAP/
mattrosso
(Techgyver)
12
Our whole district just had to acomplish this and we found the easiest method. (Well in my opinion)
www.sysinternals.com
Choose Process Utilities
Then choose PsTools.
One of the toos is PSpasswd and you can remotely reset all the admin passwords for all the computers that are turned on. You could also work it into a script I believe
If all of your sites need the local admin passwords reset at once then i would assume that all of your sites are indeed talking to each other right? Getting a list of all of the pcs should not be a huge problem as you are already using spiceworks. Dump a report of all of the PCs to excel. Then couple my half baked batch file with the sysinternals PSpassword so that you can make an easy check list of which PCs are finished.
Thanks to everyone for their help! I found a solution that I like and here it is:
-
I exported a list of my computers from AD
-
I downloaded this free utility that works great:
Xs BAP XS BAP
- All done!
good choice…that tool rocks! I think you can also just browse and import all computers from your domain as well…have fun with it!
So props to JohnT for the reomendation on this program. Since this thread I’ve been thinking about doing this on my domain so now i also am going to try out this solution.
alex3747
(Alex9218)
17
I was/am struggling with the same issue…
However just tested 2.0.0 and it’s not working out with Vista clients(as the author also confirms…)
The program XS BAP still needs some work I think.
I tried to change 4 local passwords (XP and Vista)and they all failed… uh… there was network connectivity to them and they were accesible through WMI.
Any other suggestions to reset local admin passwords, especially laptops that are not connected all the time present a problem, and a loginscript may be the only workable solution for me.(I know for sure they get that when they make a SSL connection)
I’m trying to wrap my brain around how it can be safe to publish the local admin password to script on a network share. Would you encrypt the script first? I know there are ways to digitally sign them, but can you even encrypt them?
I still think this can be accomplished via wmi but if it’s plain text I would do it manually.
@ScottMWT - if JohnT’s suggestion worked for you, please mark the thread answered and give him a cookie ; )
alex3747
(Alex9218)
19
This could be the way to encrypt your local admin password.
I also read something about a Computer logon script, but I need to test if that is also working for remote laptops that have intermittent network connectivity.
Well if I were going to publish my admin password to a script I would use any tool available to encrypt/encode it. Thanks for the info Alex. Personally I’d hesitate to do this. But with roaming users with random connect times, I could see the benefit.
