One of the lovely students here was found to have our local admin password, something that inevitably seems to happen every other year. How he got it is a discussion for another post which will include what measures we put in place to try and keep it from happening again.
The more immediate concern is how do we change the local password on 1000+ computers without having to visit each one? I’ve written a vbscript that takes a comma-delimited file with the first column being the IP and the second being the Computer name and outputs two lists, one that were changed & one that were not. I got the input file from our DHCP Server by exporting the Scope for the building where the password was compromised. I then got rid of the other columns that I didn’t care about. I also broke the file down into smaller chunks just to make it more manageable and so that I could send information to the building tech on the computers that failed in smaller batches.
The script I wrote takes this file as input (c:\script\workstations.txt) and spits back out two files (c:\script\Done.txt & c:\script\NotDone.txt) Done contains the computers that the script was able to contact and changed the local admin password on and NotDone has the ones we were unable to contact and therefore were not changed.
I don’t want to claim this all as my own, so I did borrow the IsAlive function from another post I found. If I can find it again, I will link to that post.
Option Explicit Dim fso, user, ts, temp, src, WshShell, PINGFlag, ComputerArr Dim dstGood, dstBad, tsGood, tsBad Set fSO = CreateObject("Scripting.FileSystemObject") Set WshShell = CreateObject("WScript.Shell") src = "c:\script\workstations.txt" dstGood = "c:\script\Done.txt" dstBad = "c:\script\NotDone.txt" If Not fso.FileExists(src) Then WScript.Echo "File: " & src & " cannot be found." WScript.Quit End If Set ts = fso.OpenTextFile(src,1) Set tsGood = fso.OpenTextFile(dstGood,2) Set tsBad = fso.OpenTextFile(dstBad,2) Do Until ts.AtEndOfStream temp = ts.ReadLine ComputerArr = split(temp, ",") if isalive(ComputerArr(0)) then wscript.echo "Ping Success: " & ComputerArr(1) Set user = GetObject("WinNT://" & ComputerArr(0) & "/Administrator,user") user.setpassword "YourNewPassword" user.setinfo tsGood.writeline ComputerArr(1) else wscript.echo "Ping Failed: " & ComputerArr(1) tsBad.writeline ComputerArr(1) End IF Loop Function IsAlive(strHost) Const OpenAsASCII = 0 Const FailIfNotExist = 0 Const ForReading = 1 Dim objShell, objFSO, sTempFile, fFile Set objShell = CreateObject("WScript.Shell") Set objFSO = CreateObject("Scripting.FileSystemObject") sTempFile = objFSO.GetSpecialFolder(2).ShortPath & "\" & objFSO.GetTempName objShell.Run "%comspec% /c ping.exe -n 2 -w 500 " & strHost & ">" & sTempFile, 0 , True Set fFile = objFSO.OpenTextFile(sTempFile, ForReading, FailIfNotExist, OpenAsASCII) Select Case InStr(fFile.ReadAll, "TTL=") Case 0 IsAlive = False Case Else IsAlive = True End Select fFile.Close objFSO.DeleteFile(sTempFile) Set objFSO = Nothing Set objShell = Nothing End Function