randersonda
-
Total Posts
:
4
- Scores: 0
-
Reward points
:
0
- Joined: 11/16/2009
- Location: Jacksonville, FL
-
Status: offline
|
Windows Domain - Use LDAP to Select Mutiple Computers and Then Change Local Admin Password
Monday, November 16, 2009 5:51 AM
( permalink)
Simple script I worked on to solve my problem of having 80+ computers on a domain with several different local admin passwords being used. On Error Resume Next
Dim strComputer
Dim boolPingFlag
Dim WshShell
Const ADS_SCOPE_SUBTREE = 2
Const ForWriting = 2
'---===Opens file to be edited===---
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("changelog.txt", ForWriting)
'---===Creates a connection to the Active Directory Database with previous credentials===---
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
'---===Activates above connection and selects computers fromt the PassTest OU===---
Set objCommand.ActiveConnection = objConnection
objCommand.CommandText = "Select Name From 'LDAP://ou=TestOU,dc=jaxbank,dc=com' WHERE objectCategory='computer'"
'---===Sets search options===---
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
'---===Executes the SQL query and saves to a record set===---
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
'---===Creates the Shell object that can run DOS commands===---
Set WshShell = WScript.CreateObject("WScript.Shell")
'---===Loops through all records in the set===---
Do Until objRecordSet.EOF
strComputer = objRecordSet.Fields("Name").Value
'---===Will check to see if the computer entered is off or firewalled===---
boolPingFlag = Not CBool(WshShell.run("ping.exe -n 2 -w 500 " & strComputer,0,True))
If boolPingFlag = False Then
objFile.WriteLine ("<<<...FAILED...>>> " & strComputer)
Else
'---===Selects the local Administrator account on computer variable===---
Set objUser = GetObject("WinNT://" & strComputer & "/JaxBankAdmin")
'---===Checks to see if the adminitrator account was located and selected===---
If err <> 0 Then
objFile.WriteLine ("<<<FAILED OPERATION:>>> " & strComputer)
Else
'---===Sets local administrator password===---
objUser.SetPassword "TestPassword"
objFile.WriteLine ("Successful: " & strComputer)
End If
End If
err.clear
objRecordSet.MoveNext
Loop I'm a VBScript n00b so I'm sure there is room for improvement. One thing I would like to improve myself but can't quite figure out is to select computer objects located in sub-OU's.
<message edited by randersonda on Monday, November 16, 2009 5:57 AM>
|
|
|
|
ebgreen
-
Total Posts
:
8227
- Scores: 98
-
Reward points
:
0
- Joined: 7/12/2005
-
Status: offline
|
Re:Windows Domain - Use LDAP to Select Mutiple Computers and Then Change Local Admin Passw
Monday, November 16, 2009 7:53 AM
( permalink)
Thanks for sharing. the first suggestion that I would make would be to remove the Global On Error Resume next. It makes troubleshooting more difficult. Better would be to use On Error Resume Next and On Error Goto 0 where you expect to have problems.
|
|
|
|
randersonda
-
Total Posts
:
4
- Scores: 0
-
Reward points
:
0
- Joined: 11/16/2009
- Location: Jacksonville, FL
-
Status: offline
|
Re:Windows Domain - Use LDAP to Select Mutiple Computers and Then Change Local Admin Passw
Thursday, November 19, 2009 5:57 AM
( permalink)
ebgreen
Thanks for sharing. the first suggestion that I would make would be to remove the Global On Error Resume next. It makes troubleshooting more difficult. Better would be to use On Error Resume Next and On Error Goto 0 where you expect to have problems.
Gotcha, that makes sense. Thanks for the advice!
|
|
|
|