Local Admin Password Problem

Chris: Is there a way to change the local administrator passwords, encryption technology and strategy group? I discovered how to use tools such as hyenas, but it is not, I can assure computers, might be switched off.

- Gordon high-tech help, as a , e-mail from a window, the issue of exchange or virtual or need troubleshooting help? Perhaps you want a better interpretation exceeds the manual? Description your plight in an e-mail to the editors mcpmag.com in the email: editor@mcpmag.com best question be answered in this column, and draw interesting questions with a baseball-mcpmag.com cap.

when you put your question, please include your full first and last name, location, certifications (if a), and your message. (If you prefer to remain anonymous, This shows you the message, but requested information for verification).

Gordon, there are several ways to do so, your mind is the ideal partner. A popular method is documented in the TechNet article, "Windows 2000 computer startup script." I have heard other managers run a simple command network users, such as network users administrator pass123456, which would set the local administrator password to pass123456. For security reasons, of course, is never recommended.

Many managers fear the use of passwords in the same script, I am afraid that a weekend in - law. Thus, although a reference to the first TechNet earlier should answer your question, heres another option.

sysinternals provide free so-called pspasswd too, which allows you to remotely reset the password, a series of network computer. The tool will also report on the successes and failures change your password, so you can in a single command to combat computer list. Just because the password is included in the syntax of a command you, it will never be stored as text in a batch or script file.

pspasswd use, you first need to have a list of all the computers in your domain name. Enumerate all computer objects in the domain, you can run this script: log = "C: computers.txt" constants forwriting = 2 constants ads_scope_subtree = 2 a objconnection = createobject ( "adodb.connection") a objcommand = createobject ( "adodb.command" ) objconnection.provider = "adsdsoobject" objconnection.open "Active Directory providers" a objcommand.activeconnection objconnection # = 160 objcommand.commandtext _ = "select Name , location, LDAP: / / mcpmag DC = DC = best "_ ", and objectclass = computer" objcommand.properties ( "Page Size") = 1000 objcommand.properties ( "searchscope") = ads_scope_subtree a objrecordset objcommand.execute = objrecordset.movefirst a objfso = createobject ( "scripting.filesystemobject") a objfile = objfso.createtextfile (log, forwriting) do so until objrecordset.eof objfile.writeline objrecordset.fields ( "name"). Value objrecordset.movenext loop noted that the script will be output to a file called "computers.txt" on the C drive. This can be changed by editing the variable log transfer, in the first line of the script. It is worth noting that in your environment, you will also need to change the domain quoted on the 12th line. Let me give you the example, I used mcpmag.com (mcpmag DC = DC = COM).

Once you have listed all of the computer, and then you can run pspasswd.exe change local administrator password on all systems in the list. The syntax here, I used my test network: pspasswd.exe @ Group C: computers.txt administrator ssword p @! Following the @ symbol in the command syntax is the path to the file containing all the names of the computer. Grammar is the next part of the name of the account, the password will be changed, followed by the new password (P @ ssword!).

Now here is the output from this command: pspasswd v1.21 - local and remote password for Copyright (C) 2003-2004 marks russinovich sysinternals-w ww.sysinternals.com pc1: error Change Password: network path was not found.

bsodme: password bsodmeadministrator successfully changed.

The list will yield successful, fail, you will be able to see the password system is not successfully changed. My situation, the system called pc1 no. Therefore, I must ensure that pc1 on line, and then run the command, the second. (Note: pspasswd can also run on a single computer.) Since the command dependent on UNC path connected to the system, you will need to ensure that the objectives of the system file and print sharing, document and print sharing is not impacted fault of the systems firewall. By default, Windows XP SP2 firewall pro-did not allow the file and print sharing. However, this can change rapidly through Group Policy.

As you can see, a simple list of the computers on your network, remote control to change local administrator passwords pspasswd is a more laborious process.