locked
Random Password Generation for local "Administrator" RRS feed

  • Question

  • Hi all,

    I need to change the local administrator passwords in my domain! Already found some here in this forum, but the script must Generates random passwords for/on each server (So, every password must be different on/for server/Administrator) and will meet the following conditions (Phonetic password):
    •    A password length between 10 and 12 characters
    •    At least two uppercase letters
    •    At least two lowercase letters
    •    At least two numbers
    •    The first and last characters are always a letter

    Can someone help me with above (Searching the internet already done, with no results).



    With Regards,
    E B
    Thursday, November 18, 2010 8:14 PM

Answers

  • Well this intrigued me so I took the original code from above cleaned it up and added a Regular Expression function to verify if there is a number at the beginning or end of the string. If a number is present then the Sub Main is called again until there is a random string with no numbers at the beginning or end.

    Updated: I added the correct RegEx pattern to verify that there is no number on the ends and there are 2 each, uppercase, lowercase, numbers.

    'Create a Random number/letter combination 12 characters long.
    
    Dim strRandom
    
    Call Main
    WScript.echo strRandom
    
    Sub Main
    	Dim intCount, intSelect, intSelect1
    	strRandom = "" 
    	Randomize()
    	For intCount = 1 to 12
    		intSelect = Chr(Int(3 * Rnd() + 49))
    		Select Case intSelect 
    			Case "1" 
    				intSelect1 = Chr(Int(10 * Rnd() + 48)) 
    			Case "2" 
    				intSelect1 = Chr(Int(26 * Rnd() + 65)) 
    			Case "3" 
    				intSelect1 = Chr(Int(26 * Rnd() + 97)) 
    		End Select 
    		strRandom = strRandom & intSelect1 
    	Next
    	If Not myRegEx(strRandom) Then Call Main
    End Sub
    
    'Use Regex to ensure there are no numbers at the beginning or end of the string.
    Function myRegEx(str)
    	Dim regex
    	Set regex = New RegExp
    	With regex
    		.Pattern = "(?=.*[A-Z].*[A-Z])(?=.*[a-z].*[a-z])^[A-Za-z](?=.*\d.*\d).*[A-Za-z]$"
    		.IgnoreCase = False
    		.Global = True
    	End With
    	myRegEx = regex.Test(str)
    End Function

     


    v/r LikeToCode....Mark the best replies as answers.
    • Edited by LikeToCode Monday, November 22, 2010 1:54 AM updated the script to include correct regex pattern from below.
    • Marked as answer by LikeToCode Monday, November 29, 2010 4:03 PM
    Thursday, November 18, 2010 9:53 PM
  • My VBScript solution follows:

     

    Option Explicit
    
    Randomize
    
    Wscript.Echo GetPassword
    
    Function GetPassword
      ' Function to generate a random 12 character password
      Dim k, strPassword, intValue, blnOK
      Dim intLowerCase, intUpperCase, intDigit
    
      blnOK = False
      Do Until blnOK = True
        GetPassword = ""
        intLowerCase = 0
        intUpperCase = 0
        intDigit = 0
    
        For k = 1 To 12
          intValue = Fix(62 * Rnd())
          If (intValue < 10) Then
            GetPassword = GetPassword & Chr(intValue + 48)
            If (k = 1) Or (k = 12) Then
              ' First or last character a digit.
              ' Make sure blnOK stays False so we try again.
              intDigit = 0
              Exit For
            End If
            intDigit = intDigit + 1
          ElseIf (intValue < 36) Then
            GetPassword = GetPassword & Chr(intValue + 55)
            intUpperCase = intUpperCase + 1
          Else
            GetPassword = GetPassword & Chr(intValue + 61)
            intLowerCase = intLowerCase + 1
          End If
        Next
        ' Require at least two each of digits, lower case, and upper case letters.
        If (intDigit > 1) And (intUpperCase > 1) And (intLowerCase > 1) Then
          blnOK = True
        End If
      Loop
    End Function

     

    Richard Mueller


    MVP ADSI
    • Proposed as answer by Marco Shaw Friday, November 19, 2010 1:37 AM
    • Marked as answer by LikeToCode Monday, November 29, 2010 4:03 PM
    Thursday, November 18, 2010 10:32 PM
  • If I understand, you just need to echo the additional values, retrieved from the wshNetwork object. For example:

    Option Explicit
    Dim Count, strRdm, intRdm, WshShell, Password, oEnv, strComputer, objNetwork, objComputerName, objwmi, qry, Admin, objUser
    set WshShell = CreateObject("WScript.Shell")
    Set objNetwork = CreateObject("Wscript.Network")
    
    'Create a Random number/letter combination 12 characters long.
    
    Dim strRandom
    
    Call Main
    WScript.Echo "Password, " & strRandom _
      & ", Computername, " & objNetwork.ComputerName _
      & ", Account, " & objNetwork.UserName
    
    Sub Main
      Dim intCount, intSelect, intSelect1
      strRandom = "" 
      Randomize()
      For intCount = 1 to 12
        intSelect = Chr(Int(3 * Rnd() + 49))
        Select Case intSelect 
          Case "1" 
            intSelect1 = Chr(Int(10 * Rnd() + 48)) 
          Case "2" 
            intSelect1 = Chr(Int(26 * Rnd() + 65)) 
          Case "3" 
            intSelect1 = Chr(Int(26 * Rnd() + 97)) 
        End Select 
        strRandom = strRandom & intSelect1 
      Next
      If myRegEx(strRandom) Then Call Main
    End Sub
    
    'Use Regex to ensure there are no numbers at the beginning or end of the string.
    Function myRegEx(str)
      Dim regex
      Set regex = New RegExp
      With regex
        .Pattern = "^[0-9]|[0-9]$"
        .IgnoreCase = True
      End With
      myRegEx = regex.Test(str)
    End Function
    
    Richard Mueller
    MVP ADSI
    • Marked as answer by LikeToCode Monday, November 29, 2010 4:04 PM
    Saturday, November 27, 2010 1:49 AM

All replies

  • After a quick Google search I found this script. Just change "For kdcQuizSelectCnt = 1 to 5" to "For kdcQuizSelectCnt = 1 to 12" to generate random words/letters that are 12 characters long. Also change "response.write "<br>kdcQuizSelectChr: " & kdcQuizSelectChr & "<br>" " to "Wscript.Echo kdcQuizSelectChr" to view your results in a messagebox or console window. This should get you started.

    http://www.eggheadcafe.com/forumarchives/scriptingVisualBasicscript/Jun2005/post23376101.asp

    I cleaned up the code found above and added it to the Script Repository, I thought others might find it useful.

    http://gallery.technet.microsoft.com/scriptcenter/en-us/9e8f2396-02cd-4529-aef1-a690aa87eb3f


    v/r LikeToCode....Mark the best replies as answers.
    • Edited by LikeToCode Thursday, November 18, 2010 9:21 PM added link
    Thursday, November 18, 2010 8:58 PM
  • Hi,

    Many Thanks, but "The first and last characters must be always a letter". Just tested, but some of the created passwords starts with a digit?

     

    Already started to get Set objUser = GetObject("WinNT://" & strComputer & "/Administrator, user") etc, but above need to be worked firts.

     

    With Regards

    EB

    Thursday, November 18, 2010 9:47 PM
  • Well this intrigued me so I took the original code from above cleaned it up and added a Regular Expression function to verify if there is a number at the beginning or end of the string. If a number is present then the Sub Main is called again until there is a random string with no numbers at the beginning or end.

    Updated: I added the correct RegEx pattern to verify that there is no number on the ends and there are 2 each, uppercase, lowercase, numbers.

    'Create a Random number/letter combination 12 characters long.
    
    Dim strRandom
    
    Call Main
    WScript.echo strRandom
    
    Sub Main
    	Dim intCount, intSelect, intSelect1
    	strRandom = "" 
    	Randomize()
    	For intCount = 1 to 12
    		intSelect = Chr(Int(3 * Rnd() + 49))
    		Select Case intSelect 
    			Case "1" 
    				intSelect1 = Chr(Int(10 * Rnd() + 48)) 
    			Case "2" 
    				intSelect1 = Chr(Int(26 * Rnd() + 65)) 
    			Case "3" 
    				intSelect1 = Chr(Int(26 * Rnd() + 97)) 
    		End Select 
    		strRandom = strRandom & intSelect1 
    	Next
    	If Not myRegEx(strRandom) Then Call Main
    End Sub
    
    'Use Regex to ensure there are no numbers at the beginning or end of the string.
    Function myRegEx(str)
    	Dim regex
    	Set regex = New RegExp
    	With regex
    		.Pattern = "(?=.*[A-Z].*[A-Z])(?=.*[a-z].*[a-z])^[A-Za-z](?=.*\d.*\d).*[A-Za-z]$"
    		.IgnoreCase = False
    		.Global = True
    	End With
    	myRegEx = regex.Test(str)
    End Function

     


    v/r LikeToCode....Mark the best replies as answers.
    • Edited by LikeToCode Monday, November 22, 2010 1:54 AM updated the script to include correct regex pattern from below.
    • Marked as answer by LikeToCode Monday, November 29, 2010 4:03 PM
    Thursday, November 18, 2010 9:53 PM
  • Hi,

    Looking great, just tested and te last part is working great, but

    At least two uppercase letters ==>> Sometimes all CAPITALS
    At least two lowercase letters ==>> Sometimes all lowercase
    At least two numbers ==>> Sometimes only 1 number
    The first and last characters are always a letter ==>> Working Great... :-)

     

    With Regards

    EB
    Thursday, November 18, 2010 10:02 PM
  • My VBScript solution follows:

     

    Option Explicit
    
    Randomize
    
    Wscript.Echo GetPassword
    
    Function GetPassword
      ' Function to generate a random 12 character password
      Dim k, strPassword, intValue, blnOK
      Dim intLowerCase, intUpperCase, intDigit
    
      blnOK = False
      Do Until blnOK = True
        GetPassword = ""
        intLowerCase = 0
        intUpperCase = 0
        intDigit = 0
    
        For k = 1 To 12
          intValue = Fix(62 * Rnd())
          If (intValue < 10) Then
            GetPassword = GetPassword & Chr(intValue + 48)
            If (k = 1) Or (k = 12) Then
              ' First or last character a digit.
              ' Make sure blnOK stays False so we try again.
              intDigit = 0
              Exit For
            End If
            intDigit = intDigit + 1
          ElseIf (intValue < 36) Then
            GetPassword = GetPassword & Chr(intValue + 55)
            intUpperCase = intUpperCase + 1
          Else
            GetPassword = GetPassword & Chr(intValue + 61)
            intLowerCase = intLowerCase + 1
          End If
        Next
        ' Require at least two each of digits, lower case, and upper case letters.
        If (intDigit > 1) And (intUpperCase > 1) And (intLowerCase > 1) Then
          blnOK = True
        End If
      Loop
    End Function

     

    Richard Mueller


    MVP ADSI
    • Proposed as answer by Marco Shaw Friday, November 19, 2010 1:37 AM
    • Marked as answer by LikeToCode Monday, November 29, 2010 4:03 PM
    Thursday, November 18, 2010 10:32 PM
  • Try replacing this:

    If myRegEx(strRandom) Then Call Main

     

    with this:

     

    If Not myRegEx(strRandom) Then Call Main

    And replace this:

    Function myRegEx(str)
    	Dim regex
    	Set regex = New RegExp
    	With regex
    		.Pattern = "^[0-9]|[0-9]$"
    		.IgnoreCase = True
    	End With
    	myRegEx = regex.Test(str)
    End Function

    With this:

    Function myRegEx(str)
    	Dim regex
    	Set regex = New RegExp
    	With regex
    		.Pattern = "(?=.*[A-Z].*[A-Z])(?=.*[a-z].*[a-z])^[A-Za-z](?=.*\d.*\d).*[A-Za-z]$"
    		.IgnoreCase = False
    		.Global = True
    	End With
    	myRegEx = regex.Test(str)
    End Function


    v/r LikeToCode....Mark the best replies as answers.

    • Edited by LikeToCode Monday, November 22, 2010 1:50 AM Add the replace Function part.
    Friday, November 19, 2010 3:19 AM
  • .

    • Edited by Andrew Barnes Sunday, November 28, 2010 1:10 PM Cleaned up deleted post - too many lines
    Friday, November 19, 2010 8:47 AM
  • Hi Guys,

    Looking very good.

    Below working almost! The output shows:

    v4kVY6Z6ID0C
    Computername: BLUERES
    Administrator Account: Wintel

    I want that a little different, like this : Password, v4kVY6Z6ID0C, Computername, BLUERES, Administrator Account, Administrator


    Option Explicit
    Dim Count, strRdm, intRdm, WshShell, Password, oEnv, strComputer, objNetwork, objComputerName, objwmi, qry, Admin, objUser
    set WshShell = CreateObject("WScript.Shell")

    'Create a Random number/letter combination 12 characters long.

    Dim strRandom

    Call Main
    WScript.Echo strRandom

    Sub Main
        Dim intCount, intSelect, intSelect1
        strRandom = ""
        Randomize()
        For intCount = 1 to 12
            intSelect = Chr(Int(3 * Rnd() + 49))
            Select Case intSelect
                Case "1"
                    intSelect1 = Chr(Int(10 * Rnd() + 48))
                Case "2"
                    intSelect1 = Chr(Int(26 * Rnd() + 65))
                Case "3"
                    intSelect1 = Chr(Int(26 * Rnd() + 97))
            End Select
            strRandom = strRandom & intSelect1
        Next
        If myRegEx(strRandom) Then Call Main
    End Sub

    'Use Regex to ensure there are no numbers at the beginning or end of the string.
    Function myRegEx(str)
        Dim regex
        Set regex = New RegExp
        With regex
            .Pattern = "^[0-9]|[0-9]$"
            .IgnoreCase = True
        End With
        myRegEx = regex.Test(str)
    End Function



    wscript.echo "Computername: "& WshShell.ExpandEnvironmentStrings("%Computername%")
    wscript.echo "Password: "& (strRandom)


    strComputer="."    ' local computer by default   
    Set objUser=GetObject("WinNT://" & strComputer & "/" & GetAdminName & ",user")     
    objUser.SetPassword (strRandom)     
    objUser.SetInfo 
     
    Function GetAdminName   
     
      Set objNetwork = CreateObject("Wscript.Network") 'get the current computer name 
      objComputerName = objNetwork.ComputerName    
      Set objwmi = GetObject("winmgmts:{impersonationLevel=impersonate}!//" & objComputerName)
     
      qry = "SELECT * FROM Win32_Account where Domain = '" & cstr(objComputerName) & "'" 
      'set query, making sure to only look at local computer
     
      For Each Admin in objwmi.ExecQuery(qry)   
        if (left(admin.sid, 6) = "S-1-5-" and right(admin.sid,4) = "-500") then 'look for admin sid
           GetAdminName = admin.name
        wscript.echo "Administrator Account: "& (admin.name)
        end if   
      next    
    end Function

    With Regards,
    EB

     

    • Edited by Vipyammer Friday, November 19, 2010 1:53 PM changed because almost done
    Friday, November 19, 2010 8:58 AM
  • If I understand, you just need to echo the additional values, retrieved from the wshNetwork object. For example:

    Option Explicit
    Dim Count, strRdm, intRdm, WshShell, Password, oEnv, strComputer, objNetwork, objComputerName, objwmi, qry, Admin, objUser
    set WshShell = CreateObject("WScript.Shell")
    Set objNetwork = CreateObject("Wscript.Network")
    
    'Create a Random number/letter combination 12 characters long.
    
    Dim strRandom
    
    Call Main
    WScript.Echo "Password, " & strRandom _
      & ", Computername, " & objNetwork.ComputerName _
      & ", Account, " & objNetwork.UserName
    
    Sub Main
      Dim intCount, intSelect, intSelect1
      strRandom = "" 
      Randomize()
      For intCount = 1 to 12
        intSelect = Chr(Int(3 * Rnd() + 49))
        Select Case intSelect 
          Case "1" 
            intSelect1 = Chr(Int(10 * Rnd() + 48)) 
          Case "2" 
            intSelect1 = Chr(Int(26 * Rnd() + 65)) 
          Case "3" 
            intSelect1 = Chr(Int(26 * Rnd() + 97)) 
        End Select 
        strRandom = strRandom & intSelect1 
      Next
      If myRegEx(strRandom) Then Call Main
    End Sub
    
    'Use Regex to ensure there are no numbers at the beginning or end of the string.
    Function myRegEx(str)
      Dim regex
      Set regex = New RegExp
      With regex
        .Pattern = "^[0-9]|[0-9]$"
        .IgnoreCase = True
      End With
      myRegEx = regex.Test(str)
    End Function
    
    Richard Mueller
    MVP ADSI
    • Marked as answer by LikeToCode Monday, November 29, 2010 4:04 PM
    Saturday, November 27, 2010 1:49 AM
  • Hi !

    You can use WinAdminPassword tool (Open Source) : http://sourceforge.net/projects/winadminpasswd/

     

    Install it and launch this command on all your servers (Execute this command with administrator privileges) :

    winadminpassword.pl --changepassword --user "Administrator" --key "yourverysecretkey" --length "12" --verbose

     

    On your main server (Microsoft Windows or Linux servers...), install it and launch this command to find the password :

    winadminpassword.pl --printpassword --key "yourverysecretkey" --length "12" --serial "serverserialnumber"

     

    You can use the GLPI plugin, but your very secret key will be in a database !

    http://www.glpi-project.org/

    https://forge.indepnet.net/projects/winadminpassword

     

    Regards

    Nico

     

    Wednesday, July 27, 2011 3:48 PM