Subscribe to Windows IT Pro
January 23, 2006 12:00 AM

Change Local Administrator Account Passwords Automatically

Use Set-LocalPassword to ensure a more secure environment
Alex Angelopoulos
Windows IT Pro
InstantDoc ID #48956
Rating: (6)
Downloads
48956.zip

How to Use the Tool
How you launch the Set-LocalPassword tool depends on your Windows OSs and whether you have many or only a few computers. To use the Set-LocalPassword tool on a Windows 2003 or XP system that has many computers, log on to the domain using an account that has workstation administration rights, open a command-shell window, and enter the command to run the tool. For example, suppose your input file is C:\ computers.txt, the workstation administrator accounts are all named admin, and you want to set the account passwords to tw1nkl3. On a Windows 2003 or XP system, you'd execute the command 

Set-LocalPassword
 admin 

Set-LocalPassword will prompt you to enter and confirm the new password, then begin changing the passwords. When a password change succeeds, the output shows the machine name followed by the word SUCCESS. If you have a noncatastrophic failure, the script displays the machine name followed by the word FAILURE and a brief description of the cause. If you don't want to display the success messages, you can suppress them with the /Q switch to display only the machines that couldn't be updated and the possible reasons for the failures. 


You can redirect the script's output to a file. Because the failures use the console's standard error stream, the redirection must specify the error stream, which has an ID of 2. The following command sends success messages to the console and redirects failure messages to the error.log file: 


Set-LocalPassword
 admin 
 error.log 


If you want to change passwords on just a few machines, you can specify each machine name on the command line after the name of the account to change: 


Set-LocalPassword admin
  WS01 WS02 WS03 WS04 


To use the Set-LocalPassword tool on a Win2K or NT 4.0 system on which the ADSI extensions are installed, you need to provide the password on the command line. Log on to the domain using an account that has workstation administration rights, open a command-shell window, and run the command 


Set-LocalPassword
 admin /P: tw1nkl3
 

Changing Local Administrator Passwords Made Easy

  Organizations without centralized network infrastructures need a way to regularly change their local Administrator account passwords to avoid security vulnerabilities. The Set-LocalPassword tool lets those organizations easily change these important passwords, no matter whether their Windows networks are large or small. 


Alex K.Angelopoulos (alexangelopoulos@ hotmail.com) is a senior network engineer who does IT consulting work in Indiana. He is an MCSE, an MCP+I, and an MVP.

Related Content:

ARTICLE TOOLS

Comments
Add A Comment
  • Ken
    6 years ago
    Jun 30, 2006

    ditto

  • Thomas
    6 years ago
    Mar 20, 2006

    Where is the code?

  • ROBERT
    6 years ago
    Mar 13, 2006

    Uh - where in Hades is the Set-LocalPassword tool?

  • 6 years ago
    Feb 24, 2006

    Where is the code. The zip file only contains the GetConfirmedPassword Function. No other code.

  • MARK
    6 years ago
    Feb 05, 2006

    Article would be really useful if the download zip file actually have the Set-LocalPassword tool in it. I am I the only one on the planet to notice this?

You must log on before posting a comment.

Are you a new visitor? Register Here

advertisement

advertisement

Dev Pro Left-Brain SharePoint Pro SQL Server Pro SuperSite for Windows Windows IT Pro

© 2012 Penton Media, Inc.

Home About Us Advertise Customer Service Privacy Statement Subscribe/Renew Terms Of Use

Windows is a trademark of the Microsoft group of companies. Windows IT Pro is used by Penton Media Inc. under license from owner.