Screen shot 2018 05 23 at 13.40.10

Reset Local Administrator Password

Change the local administrator password

Description

Two procedures are included, they both reset the local "administrator" account's password. One to a random value using www.dinopass.com strong password option, and the other one using a static value that needs to be modified in the procedure on line 2 instead of "Passwordtochange7"
Both procedures will write the new password in the Agent Procedure Log, as well as upload a file in the GetFile folder on that endpoint with the new admin password (the file is called adminpwd.txt)
When running the non random procedure, ensure the password meets all complexity requirements as set for that endpoint.

Developer
  • Name: Douglas Sanchez
  • Company: Kaseya
  • Website: http://www.kaseya.com
  • Contact Developer
  • Summary
  • Reset Local Administrator Password
  • 487 Downloads
  • Released on May 23rd, 2018
  • Reviews
    Gravatar for Jack McEvoy
    by Jack McEvoy on November 14th, 2019

    Works as intended. I also added a line to the procedure to set the password to never expire: wmic useraccount WHERE "Name='administrator'" set PasswordExpires=false The above command needed a few extra seconds to run, so I had to add a pause in the agent procedure to let it catch up.

    Gravatar for John Rutkowski
    by John Rutkowski on October 8th, 2019

    Great to automate the change to reduce the lateral spread. I'll give it 5 stars when it can know not to run on Domain Controllers.

    Discussion
    Gravatar for John Rutkowski
    John Rutkowski 12 months ago

    This is a great tool, but I would not write the TXT file back to KWORKING.
    Shadow Copy could be used to recover, possible Recycle Bin.

    FYI if there is a > or < in the password the result is not stored in the TXT file of Log, because it is interpreted as a pipe command. My very first random password contained a >

    Also the passwords are not truely random, they use a log of formulaic character replacement.


    I made a Custom filed to store that in.

    I'd want a way so the procedure does NOT run on Domain Controllers. Being I don't want AD admin account changed.

    Gravatar for John Rutkowski
    John Rutkowski 12 months ago

    How to we know this URL is not recording the passwords generated and the IP from which the request came from

    Gravatar for John Rutkowski
    John Rutkowski 12 months ago

    FYI this does not work on Server 2008, but kind of moot since theya re going away this year.