|
There are several ways of doing this. You can spend hours of your time
creating a batch, WSH or VB script that searches for all the variables
needed to change the local admin password on your network, or you can
save time and effort by using the utility call cryptpwd.exe provided in
the NT and 2000 Resource kits. I recommend using the cryptpwd.exe
approach unless you want to impress your boss with your scripting
abilities.
Here is how you can use cryptpwd.exe to change the entire domain's local
admin accounts. First you need to create a simple text file with the
list of computers you wish to change (you can get a list of the
computers in your domain from server manager or active directory if you
are using Windows 2000). Next, you need to create a simple batch file and
add the following line:
For /F %%x in (sampletext.txt) do cryptpwd - m %%x -P changedpass
Substitute "sampletext.txt" with the name of the text file you created
and changedpass with the new password you wish to use. Save the batch
file, the text file and the cryptpwd.exe file in the same directory and
you are ready to change you company's local admin passwords. You can run
this from an account that has domain admin rights or you can get
creative and put this in a login script. I prefer to run it from my
desktop. Cryptpwd also provides you with additional switches you can use
to change the local admin username as well.
For more information on this topic, visit these other SearchSecurity resources:
Best Web Links: Securing Microsoft applications
Best Web Links: Passwords
|
