This W2K command line script changes local administrator passwords without having to go to each machine. I am sending a pointer to it rather than the whole script because it must be executed on a machine with the same local administrator name and password as the machines you are trying to change.

\\myAdminServer\c$\tools\ChangePW

 

Usage: Type “ChangePW.cmd” at a command prompt.

 

Associated Files:

Servers.txt – holds a list of all the servers used by LAB, one computer per line.

Soon.exe – Microsoft utility which works with the scheduling service to execute commands in the next few seconds rather than hours.

When executed, ChangePW.cmd synchronizes the time of the remote computers listed in servers.txt to the time on \\myComputer. It then schedules a password change for the local administrator on the remote computers. It does this using the scheduling service, which means that the scheduling service must be running on the remote machines. The password change is actually executed locally on each machine via the net user command.

 

This was the only way I could find to do this. Executing the net user command by itself from a remote location simply did not change the password.

 

I have tried this on several test computers, W2K as well as XP, in the lab and it works in every case.
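
Because the change only takes effect on machines that are reachable and have the scheduling service running, a pre-flight pass over servers.txt shows in advance which machines would have to be handled by hand. The following is an added example, not part of ChangePW.cmd; it assumes sc.exe is available on the admin machine (built into XP, Resource Kit on W2K), and preflight.log is a made-up file name.

```batch
@echo off
rem Added example: pre-flight check to run before ChangePW.cmd.
rem Assumptions: servers.txt is in the current directory, sc.exe is on the
rem PATH, and preflight.log is a hypothetical log file name.
setlocal
set LOG=preflight.log
echo Pre-flight check started %date% %time% > %LOG%

rem Same loop form as ChangePW.cmd: lines starting with ":" are skipped.
for /f "eol=:" %%i in (servers.txt) do call :check %%i

echo Finished. Fix or hand-change every machine marked FAIL. >> %LOG%
type %LOG%
goto :eof

:check
rem Step 1: is the machine reachable at all?
ping -n 1 %1 | find "TTL=" > nul
if errorlevel 1 (
    echo FAIL %1 is not reachable >> %LOG%
    goto :eof
)

rem Step 2: is the scheduling service running? Its service name is Schedule.
sc \\%1 query Schedule | find "RUNNING" > nul
if errorlevel 1 (
    echo FAIL %1 scheduling service is not running >> %LOG%
    goto :eof
)

rem Step 3: record the jobs already queued, so anything left behind by an
rem earlier run is visible before a new password is scheduled.
echo OK   %1 scheduler is running, queued jobs follow >> %LOG%
at \\%1 >> %LOG%
goto :eof
```

Running the same script again a few minutes after the password change shows whether any scheduled net user job, with the password on its command line, is still sitting in a machine's queue.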

TOP SECRET!

I think the scheduling service is EXTREMELY powerful. I am surprised that there hasn’t been more talk about it as a security leak, because it seems to me that you could schedule formats of hard drives by this means.

 

Usage notes:

Troubleshooting

The passwords would have to be changed by hand for these machines. 

Next Steps:

We should get together and decide what we want the new password to be, and when we want to change the password over.

 

We should also put our heads together and think about what scripts this might mess up. In other words, there may be automation scripts which use the local administrator password. We should figure this out before we go changing all the passwords.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

Notes:

 

There are several other utilities for changing passwords in the W2K Resource Kit. I could not get any of them to work consistently. In many cases, the issue is that these tools are designed to work on an Active Directory domain controller.

1) Cusrmgr (Console User Manager)

       Example: cusrmgr -u joeuser -m \\myComputer -P Password-2000

This fails to change the password for joeuser on MYCOMPUTER.

2)  Addusers

      Example: AddUsers \\myComputer /c c:\addusers.txt /p:e

                     With a user.txt file of UserName12345

 

                This fails to create the user on a remote computer.

 

3) Useradmin Perl script.

 

    Example: UserAdmin.pl -chpassword -s myComputer -u administrator -p Password-2000 -oldpassword Password-1234 -newpassword Password-1237 TestUser

 

ERROR: Access denied. Invalid user/password credentials.

 

4) ModifyUsers.vbs

  

   This script just seemed to require a domain controller.

* * * * * * * * * * * *

SAMPLE CODE

 

: Purpose: Change local administrator Password in all team computers.

: Example of use: for /f "eol=:" %i in (c:\tools\servers.txt) do soon \\%i 60 cmd /c net user /add JoeUser Password-2000

: This says "for [file] unless end of line character [:] is reached in ([this file]), put each line of the file into variable %i and then do [execute] the command "soon", etc."

: "Soon" is a Microsoft Tool: http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/soon-o.asp

: When executed it will send a net user add command to each computer's task scheduler. "Soon" schedules jobs for the near future. So "60" stands for 60 seconds.

: for /f "eol=:" %i in (c:\tools\servers.txt) do soon \\%i 60 cmd /c net user JoeUser Password-2000 [without the /add] will simply change the user's password.

 

: Notes:

:        1. This command file must be executed from a computer which has the same administrator username and password as the computers you are trying to change

:        2. After you change the password on the remote computers, this command file will no longer work until you change its administrator name and password to match the remote computers.

:        3. When executing from the command line, only one % sign is needed. When executing as a batch file, 2 % signs are needed.

:Synchronize time on all servers to the computer named \\myComputer

 

for /f "eol=:" %%i in (servers.txt) do soon \\%%i 60 cmd /c net time \\myComputer /set /y

: Example of Adding a new user to remote computers

:for /f "eol=:" %%i in (servers.txt) do soon \\%%i 60 cmd /c net user /add JoeUser Password-2000

: Example of Changing local administrator Passwords

: Note - DO NOT EXECUTE THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING!! * * * * * * * * * * * * * * * * * * * * * * *

 

:for /f "eol=:" %%i in (servers.txt) do soon \\%%i 60 cmd /c net user administrator Password-3000