Still no luck
Tom
Net but still to no avail. It seems this should be a no brainer but maybe it
itsn't.
I am looking for a script I can run from the server (Windows Server 2003)
which will connect to each computer in the domain and change the local
administrator password on that machine (this has nothing to do with the AD I
don't think).
I have a script which works fine if I make the connection first - by mapping
a drive or by using network neighborhood to connect to the admin share, but
what I want is for the script to do that as well as change the password (and
set the account to active if it is inactive).
In all the time I have wasted trying to find and work out this script, I
could have manually gone to each machine and done this 10 times now :)
Any help will be greatly appreciated!
TK
faunalarch
enumerate all of the computers in the domain and then map
to them. in the script copy and then execute your current
script on each remote machine. For each machine in the
domain that comes up in the list of machines.
>.
>
Tom
Thanks in advance.
Tom
"faunalarch" <anon...@discussions.microsoft.com> wrote in message
news:080601c3ca34$89676270$a601...@phx.gbl...
anon...@discussions.microsoft.com
all computer objects in a specific OU (including sub OUs)
and gets the state of a named service. It should be fairly
easy to modify the actions for your needs. It also
includes a lot of stuff that you don't need. I haven't got
the time to shorten it just now :-)
Your actions should be something like this:
Set objUser = GetObject("WinNT://" & strName_
& "/Administrator, user")
objUser.SetPassword "testpassword"
objUser.SetInfo
Please note that you must run this as an account that had
Admin rights on all the computers you want to change.
HTH
Bjørn
PS! Please excuse the language mixup in the code :-)
------------------Start Code-----------------------------
'----------------------------------------------------------
----------
' ServiceStatus.vbs
' -----------------
' Get service status on all computers in an OU
'----------------------------------------------------------
----------
Dim strOutPut
Dim strLocation
Dim strServiceDisplay
Dim strPrev
Set objArgs = WScript.Arguments
if objArgs.count=0 Then
WScript.Echo "Debug -> No parameters"
Else
For I = 1 to objArgs.Count
GetVal objArgs(I-1), strParm, strValue
If Ucase(strParm) = "FORMAT" Then
strOutput = strValue
ElseIf UCase(strParm) = "OU" Then
strLocation = "LDAP://" &strValue
ElseIf UCase(strParm) = "SERVICE" Then
IF strServiceDisplay = "" Then
strServiceDisplay = "'" & strValue & "'"
Else
strServiceDisplay = strServiceDisplay & " Or
DisplayName = '" & strValue & "'"
End If
Else
WScript.Echo "Wrong arguments!"
WScript.Echo "Syntax: cscript ServList.vbs
[Service:<name>] ... [Format:<csv|display>] [OU:<LDAP-
Path>]"
End If
Next
End If
'
' Søkeparametre
'
If strOutput = "" then strOutput = "csv"
If strServiceDisplay = "" Then strServiceDisplay
= "Automatiske oppdateringer"
If strLocation = "" Then strLocation = "LDAP://ou=Some
OU,DC=TEST,DC=NET"
WScript.Echo "Output = " & strOutput
WScript.Echo "Display = " & strServiceDisplay
WScript.Echo "Location = " & strLocation
'
' CSV Header
'
If UCase( strOutput ) = "CSV" Then
Wscript.Echo "Computer, Comp_state," & strServiceDisplay
End IF
'
' ADSI konstanter
'
Const ADS_SCOPE_SUBTREE = 2
'----------------------------------------------------------
----------
' Henter en collection av alle computer objekter i OU
'----------------------------------------------------------
----------
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
"Select Name, Location from '" & strLocation & "' " _
& "where objectClass='computer'"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Timeout") = 30
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Cache Results") = False
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
'
' Loop all objects found in the OU (including subs)
'
Do Until objRecordSet.EOF
'
' Use ping to test if the computer is available
'
strName = Trim( objrecordSet.Fields("Name").Value)
Set objPing = GetObject("winmgmts:
{impersonationLevel=impersonate}")._
ExecQuery("select * from Win32_PingStatus where
address = '"_
& strName & "'")
For Each objStatus in objPing
'
' Ping OK?
'
strResult = ""
'If IsNull(objStatus.StatusCode) or
objStatus.StatusCode<>0 Then
If objStatus.StatusCode = 0 Then
strResult = "Online"
Else
'if strResult = "" Then strResult = "Offline"
strResult = "Offline"
End If
Next
'strResult = "Online"
If strResult = "Online" Then
'
' Connect to server and get service status
'
On Error Resume Next
Set objWMIService = GetObject("winmgmts:\\" & strName
& "\root\cimv2")
If Err.number = 0 Then
Set colRunningServices = objWMIService.ExecQuery _
("Select * from Win32_Service Where DisplayName
= " & strServiceDisplay )
If colRunningServices.Count <= 0 Then
'
' Service er ikke definert på maskinen
'
strService = "Not installed"
Else
'
' Service installed, get status
'
For Each objService in colRunningServices
If UCase( strOutput ) = "CSV" Then
strService = objService.State
Else
strService = objService.DisplayName &"
installert: " & objService.State
End If
Next
End If
Set colRunningServices = Nothing
Set objWMIService = Nothing
Else
strService = "#NA [WMI Unavailable]"
Err.clear
End If
Set objPing = Nothing
On Error Goto 0
Else
'
' Computer unavailable
'
strService = ""
End If
If strOutput = "Display" Then
Wscript.Echo "Computer Name: " & strName & " status: "
& strResult & " " & strService
Else
Wscript.Echo strName & "," & strResult & "," &
strService
End If
objRecordSet.MoveNext
Loop
' --End Main
Sub GetVal( strIn, strP, strV )
If InStr( strIn, ":" ) Then
arrParm = split( strIn, ":" )
strP = arrParm(0)
strTemp = arrParm(1)
strV = ""
If InStr( strTemp, """") Then
For J = 1 to Len(strTemp )
If Mid(strTemp,J,1) <> """" Then strV = strV & Mid
(strTemp,J,1)
Next
Else
strV = strTemp
End If
strParm = strP
strValue = strV
Else
strParm = "Error"
End If
End Sub
---------------------------------End Code-----------------
>.
>
Tom
administrator username and password than the server I am calling them from.
How do i supply the username and password needed to allow the connection to
the remote machines?
Thanks
Tom
<anon...@discussions.microsoft.com> wrote in message
news:04f901c3d126$de31e480$a501...@phx.gbl...
Gavin Garley
If you have all of the correct names and passwords for the computers,
whether you run the script against a system with the right Admin Account and
Password wouldn't really matter.
Simply write in a little error correction so your script does not fail when
it can't connect to a system and edit the script per different Account Name
and password, Or even better if you want to get it all done in one fail
swoop just write a loop that cycles through the different Admin Accounts and
Passwords.
Gavin D. Garley
"Tom" <sprdt...@hotmail.com> wrote in message
news:eY%23Ikw50...@TK2MSFTNGP12.phx.gbl...
Torgeir Bakken (MVP)
> My problem is that the machines I am trying to connect to use a different
> administrator username and password than the server I am calling them from.
> How do i supply the username and password needed to allow the connection to
> the remote machines?
Hi
IADsOpenDSObject::OpenDSObject
http://msdn.microsoft.com/library/en-us/adsi/adsi/iadsopendsobject_opendsobject.asp
(note that the constant ADS_SECURE_AUTHENTICATION mentioned in the link above
needs to be explicit defined to 1 in a VBScript)
An example on how to use OpenDSObject:
Modifying User Cannot Change Password (WinNT Provider)
http://msdn.microsoft.com/library/en-us/adsi/adsi/modifying_user_cannot_change_password_winnt_provider.asp
--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter
Torgeir Bakken (MVP)
> Have a look at the source below. This script enumerates
> all computer objects in a specific OU (including sub OUs)
> and gets the state of a named service. It should be fairly
> easy to modify the actions for your needs. It also
> includes a lot of stuff that you don't need. I haven't got
> the time to shorten it just now :-)
>
> Your actions should be something like this:
>
> Set objUser = GetObject("WinNT://" & strName_
> & "/Administrator, user")
Note that the script may fail when using a space between the two parameters in
the GetObject call above, it is safer to do like this:
& "/Administrator,user")
> objUser.SetPassword "testpassword"
> objUser.SetInfo
>
> Please note that you must run this as an account that had
> Admin rights on all the computers you want to change.
--
Tom
That sounds like what I want and even fairly easy - there's just one big
problem.
You're dealing with a neophyte when it comes to scripting for these
purposes. Can you give me an example and set my feet on the right path?
Thanks in advance.
Tom
"Gavin Garley" <ggar...@hotmail.com> wrote in message
news:O7SxT350...@TK2MSFTNGP12.phx.gbl...
Gavin Garley
I have a few more questions and then I'll tap around and see what I
can come up with.
How many Admin Accounts/Passwords vs. systems are you dealing with?
If they all are part of a domain, and the only issue you are dealing with is
that the accounts are different... I'd have to play around with that
scenario a bit but I would not think it that difficult to have a list or an
array of account names you could cycle through.
Theoretically assuming these systems were part of a domain and you had
Domain admin rights then something like this might work:
AccountName = XXXXXX
Set objUser = GetObject("WinNT://" & strName_
& "/"& AccountName &",user")
As the logic would break down, if the password change failed, the value for
AccountName would change and try to connect again and change it and so on
and so forth.
I'll have to rename an admin account and see if that would work. Give me a
bit more information on the scope of accounts and passwords and I'll test
this out as time permits.
Thanks,
Gavin D. Garley
"Tom" <sprdt...@hotmail.com> wrote in message
news:uZALwPI1...@TK2MSFTNGP12.phx.gbl...
Tom
We basically just use two - the built in administrator account with one
password, and another user account in the admin group which has its own pwd.
The latter is the one we log on and do our work as, the built in account is
kept only for backup purposes - if we get locked out of the other account
for any reason.
The server we would run this script from is a totally different admin name
and pwd than any of the machines in the domain. All of the machines in the
domain use the same two accounts listed above.
In the script I wrote, it actually asks you which account you are changing
the password for first thing - the administrator account or the other. My
problem all along has been in making the connection to the remote machines.
I don't know how to force a connection which will allow me to change things
like the password and whether or not the account is enabled or not (when we
first set up our machines, we followed the advice of someone who recommended
we disable the built in admin account for security - but now we would rather
have it available). I have searched msdn and other sites and tried some of
the things I found on the Net which seemed like they should have worked, but
in every case I got the "access denied" error.
Now I have a script which actually shells out to use the Net Use command to
map a drive (because I can pass the username and pwd of the remote machine
in with the command) to the admin share, then it runs the script then shells
out again to disconnect the drive - and it does this for all 33 machines,
making it somewhat cumbersome and slow. I know there is a better way - and I
think you have it.news:eiyMbET1...@TK2MSFTNGP12.phx.gbl...