locked
Reset Password RRS feed

  • Question

  • Dear Guys,

     

    I’m managing 140 PCs in a company and I realize the administrator password is not the same on all of them. I should reset the local administrator password on all 140 PCs and make them the same. Is there any tools to do it or do you know any command to run for this?

     

    P.S: I have tried ‘net user’ command and created the bat file with that. I also map the file to GPO but it needs administrator’s privileges to be able to run on the user’s PC which they don’t have.

     

    Thanks and regards,

    Bahman

    Saturday, June 18, 2011 2:02 PM

Answers

  • If you are a member of "Domain Admins" (or a user or member of a domain group that is a member of the local Administrators group on all workstations) you can do this in bulk remotely. I have an example VBScript program that does this linked on this page:

    http://www.rlmueller.net/Reset_Local_Admin_Passwords.htm

    The program maintains a text file of "missed" computers. If this file does not exist, the program queries AD for all computers that do not have the string "server" in the value of the operatingSystem attribute. For each computer the program first pings to see if it is available, then binds to the local Administrator user object and resets the password. If this fails on any computer, the computer name is written to a new "missed" file. The program can be run repeatedly until there are no missed computers. If desired, you can start with a text file of "missed" computers listing only the computers you want to deal with. The new password is hard coded in the program.

     


    Richard Mueller - MVP Directory Services
    • Marked as answer by Vincent Hu Wednesday, June 22, 2011 8:18 AM
    Saturday, June 18, 2011 3:56 PM
  • Hello,

    as you didn't mention any OS version, there is also the option to use Group policy preferences to change the local admin password. BUT this has the disadvantage of some security as described in Florian's blog:

    http://www.frickelsoft.net/blog/?p=116


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Marked as answer by Vincent Hu Wednesday, June 22, 2011 8:18 AM
    Sunday, June 19, 2011 9:43 AM

All replies

  • If you are a member of "Domain Admins" (or a user or member of a domain group that is a member of the local Administrators group on all workstations) you can do this in bulk remotely. I have an example VBScript program that does this linked on this page:

    http://www.rlmueller.net/Reset_Local_Admin_Passwords.htm

    The program maintains a text file of "missed" computers. If this file does not exist, the program queries AD for all computers that do not have the string "server" in the value of the operatingSystem attribute. For each computer the program first pings to see if it is available, then binds to the local Administrator user object and resets the password. If this fails on any computer, the computer name is written to a new "missed" file. The program can be run repeatedly until there are no missed computers. If desired, you can start with a text file of "missed" computers listing only the computers you want to deal with. The new password is hard coded in the program.

     


    Richard Mueller - MVP Directory Services
    • Marked as answer by Vincent Hu Wednesday, June 22, 2011 8:18 AM
    Saturday, June 18, 2011 3:56 PM
  • Hello,

    as you didn't mention any OS version, there is also the option to use Group policy preferences to change the local admin password. BUT this has the disadvantage of some security as described in Florian's blog:

    http://www.frickelsoft.net/blog/?p=116


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Marked as answer by Vincent Hu Wednesday, June 22, 2011 8:18 AM
    Sunday, June 19, 2011 9:43 AM