Using Cusrmgr.exe Tool to Change Administrator Account Password

G

Guest

Hi,

I need to change the local admin password on multiple computers on my
network. I know I can use Cusrmgr.exe to do it, but most of my network
computers have the firewall enabled. Anyone know how I can bypass this?
Would it work using a script instead? I found this online;

'--------------------8<----------------------
sNewPassword = "testpassword"
Set oWshNet = CreateObject("WScript.Network")
sComputer = oWshNet.ComputerName

On Error Resume Next
Set oUser = GetObject("WinNT://" & sComputer & "/Administrator,user")
oUser.ChangePassword "old pwd here", sNewPassword
oUser.SetInfo
On Error Goto 0
'--------------------8<----------------------

Not quite sure what I would need to change in it. I know I would need to
change testpassword, ComputerName, old pwd here, sNewPassword, but not sure
of the rest. Any help will be greatly appreciated.

TIA

tj
 
S

Steven L Umbach

If you are in an Active Directory domain you can use Group Policy "startup
scripts" using simple batch files that use the net user command or other
scripts. Since startup scripts run as system context users do not need read
access to them and you can remove them but make sure domain computers have
read permissions to the file. Below is a past post from Torgeir Bakken (MVP)
that should help. Also you might consider modifying the Windows Firewalls
to accept traffic from only the IP addresses of administrator workstations
so that you can do such tasks. Group Policy could also do such as a
temporary change if you do not want to leave those IP addresses available
all the time or the computers could be configured to require ipsec from
those IP addresses. --- Steve

http://groups.google.com/group/micr...password+change&rnum=1&hl=en#b310cdf3dadb6ddd
 
G

Guest

Thanks alot!

Steven L Umbach said:
If you are in an Active Directory domain you can use Group Policy "startup
scripts" using simple batch files that use the net user command or other
scripts. Since startup scripts run as system context users do not need read
access to them and you can remove them but make sure domain computers have
read permissions to the file. Below is a past post from Torgeir Bakken (MVP)
that should help. Also you might consider modifying the Windows Firewalls
to accept traffic from only the IP addresses of administrator workstations
so that you can do such tasks. Group Policy could also do such as a
temporary change if you do not want to leave those IP addresses available
all the time or the computers could be configured to require ipsec from
those IP addresses. --- Steve

http://groups.google.com/group/micr...password+change&rnum=1&hl=en#b310cdf3dadb6ddd
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Rights to Change Local Administrator Password & rename the Computers added in domain 1
Setup was unable to change the password for user account administrator. 1
Grant Full Administrative Rights Except to change Administrator Account 3
Cannot change password 6
administrator account password 2
Administrator Password - Question 1
Process that copies a prn file to a network printer under username 8
Change Administrator Password in Active Directory 1

Top