Change the local administrator password
Two procedures are included, they both reset the local "administrator" account's password. One to a random value using www.dinopass.com strong password option, and the other one using a static value that needs to be modified in the procedure on line 2 instead of "Passwordtochange7"
Both procedures will write the new password in the Agent Procedure Log, as well as upload a file in the GetFile folder on that endpoint with the new admin password (the file is called adminpwd.txt)
When running the non random procedure, ensure the password meets all complexity requirements as set for that endpoint.
Works as intended. I also added a line to the procedure to set the password to never expire: wmic useraccount WHERE "Name='administrator'" set PasswordExpires=false The above command needed a few extra seconds to run, so I had to add a pause in the agent procedure to let it catch up.
Great to automate the change to reduce the lateral spread. I'll give it 5 stars when it can know not to run on Domain Controllers.
This is a great tool, but I would not write the TXT file back to KWORKING.
Shadow Copy could be used to recover, possible Recycle Bin.
FYI if there is a > or < in the password the result is not stored in the TXT file of Log, because it is interpreted as a pipe command. My very first random password contained a >
Also the passwords are not truely random, they use a log of formulaic character replacement.
I made a Custom filed to store that in.
I'd want a way so the procedure does NOT run on Domain Controllers. Being I don't want AD admin account changed.
How to we know this URL is not recording the passwords generated and the IP from which the request came from
FYI this does not work on Server 2008, but kind of moot since theya re going away this year.