Discussion:
change the local administrator password for every machine in AD
(too old to reply)
alex
2009-09-07 05:34:47 UTC
Permalink
maybe the script runs under the logging-on user that does not have privilege
to change admin password
Hi Experts,
I want to change the local administrator password for every machine. I
have tried many time, but failed. After client machine restarted, the xp
will say the script has some erre at line 3, col 1 .the code maybe
8007007B
Code 8007007B - The filename, directory name or volume syntax is
incorrect
I did the following steps, but failed. The machine's local administrator
password was not changed.
Can you tell me why the line 3 has problem? Thanks.
1. Save the following scripts in a pwd.vbs file .
strComputer="."
Set objUser=GetObject("WinNT://" & strComputer & "/Administrator,user")
objUser.SetInfo
2. Select an OU, in its properties, select policy, new a group policy,
name it, click edit
3. In the following windows, select startup, click properties, click
Show Files¡­, copy the script file (pwd.vbs) into this folder, click
Add¡­,
4. Popup the following window, click Browse¡­
5. Select pwd.vbs in this window, and click ok.
6. Run command ¡° gpupdate /force ¡° to refresh group policy.
7. After the machine restarted, the local administrator password will be
achinda
2009-10-24 11:01:07 UTC
Permalink
Hi this is awesome. i tested out and it works fine. but i do have a
issue since the admin password will get changed only when domain admin
logs in to the particular PC.

pls assist me on how should i allow restricted users to change the
password through this script ?


BTW- Do i have to grant restricted users as domain admin till they
logged in and password gets changed ?????
--
achinda
------------------------------------------------------------------------
achinda's Profile: http://forums.techarena.in/members/148152.htm
View this thread: http://forums.techarena.in/server-scripting/1238760.htm

http://forums.techarena.in
Al Dunbar
2009-10-24 16:35:00 UTC
Permalink
This post might be inappropriate. Click to display it.
achinda
2009-10-27 08:23:31 UTC
Permalink
HI

we got 300 computers in the domain. it's not practical to provide all
PC names in the script ?

Any other way of doing this ?

Regards
Achinda
--
achinda
------------------------------------------------------------------------
achinda's Profile: http://forums.techarena.in/members/148152.htm
View this thread: http://forums.techarena.in/server-scripting/1238760.htm

http://forums.techarena.in
Pegasus [MVP]
2009-10-27 10:42:15 UTC
Permalink
Post by achinda
HI
we got 300 computers in the domain. it's not practical to provide all
PC names in the script ?
Any other way of doing this ?
Regards
Achinda
The more machines you have, the more important it is to maintain a
comprehensive list of all NetBIOS names. You can use the logon script to
compile the list, e.g. like so:
@echo off
echo %date% %time% %UserName% >> \\Server\Share\%ComputerName%
Al Dunbar
2009-10-27 23:12:26 UTC
Permalink
Post by Pegasus [MVP]
Post by achinda
HI
we got 300 computers in the domain. it's not practical to provide all
PC names in the script ?
Any other way of doing this ?
Regards
Achinda
The more machines you have, the more important it is to maintain a
comprehensive list of all NetBIOS names. You can use the logon script to
@echo off
echo %date% %time% %UserName% >> \\Server\Share\%ComputerName%
or you can get a list of the computers that are currently accessible with:

net view

Alternately, you could get the names of all computers defined in active
directory by writing a script to query AD, using csvde.exe, or using MMC w/
ADU&C and extracting from an OU, or from the results of a search.

/Al
Al Dunbar
2009-10-27 23:12:26 UTC
Permalink
Post by Pegasus [MVP]
Post by achinda
HI
we got 300 computers in the domain. it's not practical to provide all
PC names in the script ?
Any other way of doing this ?
Regards
Achinda
The more machines you have, the more important it is to maintain a
comprehensive list of all NetBIOS names. You can use the logon script to
@echo off
echo %date% %time% %UserName% >> \\Server\Share\%ComputerName%
or you can get a list of the computers that are currently accessible with:

net view

Alternately, you could get the names of all computers defined in active
directory by writing a script to query AD, using csvde.exe, or using MMC w/
ADU&C and extracting from an OU, or from the results of a search.

/Al

Pegasus [MVP]
2009-10-27 10:42:15 UTC
Permalink
Post by achinda
HI
we got 300 computers in the domain. it's not practical to provide all
PC names in the script ?
Any other way of doing this ?
Regards
Achinda
The more machines you have, the more important it is to maintain a
comprehensive list of all NetBIOS names. You can use the logon script to
compile the list, e.g. like so:
@echo off
echo %date% %time% %UserName% >> \\Server\Share\%ComputerName%
achinda
2009-10-27 08:23:31 UTC
Permalink
HI

we got 300 computers in the domain. it's not practical to provide all
PC names in the script ?

Any other way of doing this ?

Regards
Achinda
--
achinda
------------------------------------------------------------------------
achinda's Profile: http://forums.techarena.in/members/148152.htm
View this thread: http://forums.techarena.in/server-scripting/1238760.htm

http://forums.techarena.in
Loading...