Guy's Scripting Ezine 22 - Setting Passwords
Contents for Guy's Scripting Ezine 22
- Setting Passwords
In 1998 nearly gave up my day job to sell fingerprint logons. I saw a
demonstration of a fingerprint gismo that had a splitter, which attached to the
keyboard socket. All users had to do was: a) give a fingerprint sample, b) logon with a username and press the gismo's pad. While I'm glad I kept my day job training and consulting, I still
believe that biometric logon is the way
to go. But meanwhile, we administrator's have to grapple with passwords until a
replacement comes of age.
The scenario for this week's script is that you have to set zillions of
users passwords. Perhaps the situation you have just created a new group
'joiners, and now you have to set a particular password before they begin
work.
Calculating IP Address
ranges is a black art, which many network managers solve by creating custom
Excel spreadsheets. IPAT cracks this problem of allocating IP addresses
in networks in two ways:
For Mr Organized there is a nifty subnet
calculator, you enter the network address and the subnet mask, then IPAT
works out the usable addresses and their ranges.
For Mr Lazy IPAT
discovers and then displays the IP addresses of existing computers.
Download the Free IP Address Tracker
Here is a 'killer' advantage of VBScript over CSVDE, you can set the
password with a VBScript, but if you try and include a password field in
your import.csv, then CSVDE -i will fail.
Instructions
- Pre-requisites. You need a domain controller for this script to
work.
- Change Line 11 "OU=Cowbridge ," to the name of one of your OUs.
Alternatively, create an OU called Cowbridge.
- It may be a good idea to create or move some users into the Cowbridge OU!
Otherwise you will see " 0 Passwords Changed"
- Copy and paste the script below into notepad.
- Save the file with .vbs extension e.g. Password.vbs
- Double click and observe the message box
' Set Password.vbs
' VBScript to Set Passwords by cycling through a named OU
' Author Guy Thomas http://computerperformance.co.uk/
' Version 2.9 - March 14th 2004
' -----------------------------------------------------------------'
Option Explicit
Dim objOU, objUser, objRootDSE
Dim strContainer, strLastUser, intCounter, strDNSDomain
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strContainer = "OU=Cowbridge ,"
strContainer = strContainer & strDNSDomain
set objOU =GetObject("LDAP://" & strContainer )
intCounter = 0
For each objUser in objOU
If objUser.class="user" then
objUser.SetPassword "E@$ter-2oo4"
objUser.SetInfo
intCounter = intCounter +1
strLastUser = objUser.Get ("name")
End if
next
WScript.echo intCounter & " Passwords changed. Last user " _
& strLastUser
WScript.quit
Learning Points
Note 1: We are applying three methods to the ObjUser: .SetPassword
.SetInfo, and .Get.
Note 2: If objUser.class = "user" This command achieves our aim
of filtering out users from computer accounts.
Note 3: _ (Underscore) on line 23 , followed by & (ampersand) allows us to
break one command on to two lines. Talking of ampersand, I still find them
tricky and often forget one, which gives me a headache when troubleshooting.
Note 4: Following last week's Binding to Active Directory, I used these
commands to save you specifying a domain name:
Set objRootDSE =
GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
Note 5: strLastUser is not strictly required. Remove reference to this
variable if you prefer. However, I like the effect of strLastUser.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Orion performance monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
What I like best is the way NPM suggests solutions to network
problems. Its
also has the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating
network maps, then I recommend that you try NPM now.
Download a free trial of Solarwinds' Network Performance Monitor
Occasionally you may see T.V. programs showing amusing 'out takes' of
scenes that did not work; well here is an 'out take of my script!
My idea is to give you a script with three deliberate mistakes, so that
you have a chance to troubleshoot and correct the problems. Two errors
are straight forward, and a triumph for Option Explicit.
The third error is caused by a tiny mistake in the script which produces
a nasty Error: 0x8007203A. Your first clue that something is wrong is
that when you execute the .VBS file, nothing happens for ages. Can you find
the mistake? A good text editor would help you identify the line
number.
' Set Password.vbs
' VBScript to Set Passwords by cycling through a named OU
' Author Guy Thomas http://computerperformance.co.uk/
' Version 2.7 - March 14th 2004
' -----------------------------------------------------------------'
Option Explicit
Dim objOU, objUser, objRootDSE
Dim strContainer, strLastUser, intCounter, strContainer
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strContainer = "OU=Cowbridge ,"
strContainer = strContainer & strDNSDomain
set objOU =GetObject("LDAP:// & strContainer" )
intCounter = 0
For each objUser in objOU
If objUser.class="user" then
objUser.SetPassword
"E@ster-2oo4"
objUser.SetInfo
intCounter = intCounter +1
strLastUser = objUser.Get
("name")
End if
next
WScript.echo intCounter & " Passwords change. Last user " _
& strLastUser
WScript.quit
Wrong - Variable declared twice!
Dim strContainer, strLastUser, intCounter, strContainer
Wrong
set objOU =GetObject("LDAP:// & strContainer" )
Corrected
set objOU =GetObject("LDAP://" & strContainer )
When I began writing ebooks I had a dream of collective writing. My
vision was this; I would start the ball rolling with a logon script, and with
the internet being a big place, that others would chip in with their scripts.
So, I created my first ebook, and gave out free copies on the condition that
people gave input. You may have guessed what happened next, folks took the
free ebooks but gave zero feedback or input. C'est la vie!
Well that collective writing idea was a year ago. Fortunately, in the
mean time my faith has been restored by people sending in their scripts.
My modified vision is that I will provided the showcase, and encourage you to
send in scripts. So, if you have a script, you know where to find me.
A case in point is the fulsome script (below) that Howard send in. My
'hidden agenda' is that it's good to see different approaches to scripting, just
as you see different writing styles when you read a variety of novelist.
The following script my son wrote that allowed us
to change the print server name with out re-installing printers on the End Users
computer when we migrated printer queues from two print servers, on Win2000 and
WinNT to a Win2000 dual cpu print server using MS printmig.exe. Worked very well
and as we had some print queues that were removed as they were on both print
servers the script removes these old maps from the EU's computer cleaning their
systems in the process.
Feel free to publish, any IT manager do a print
server migration needs this script. Howard
Waggoner
IT Manager
Scimus Information Systems Ltd.
Columbus, Ohio
' Simple VBScript to check convert
printer mapping
' on workstation when moving from one print
server
' to new print server when queues are named
the same.
' Created by Mitchal Waggoner for Scimus Info
System Ltd.
' 12/28/2003
On Error Resume Next
strComputer = "."
Const ForAppending = 8
Const ForWriting = 2
Set objWMIService = GetObject("winmgmts:\\" &
strComputer & "\root\cimv2")
Set wn = WScript.CreateObject("WScript.Network")
Set ntsm = WScript.CreateObject("WScript.Shell")
Set colItems = objWMIService.ExecQuery("Select *
from Win32_Printer",,48)
For Each objItem in colItems
Dim printer, server, fso, f1, ctime, cdate, ccomp,
cuser, dprinter
printer = objItem.ShareName
server = objItem.ServerName
dprinter = objItem.ShareName
If server Is "\\rama"
or "\\FOUNDATION"
or "\\print-server"
Then
wn.RemovePrinterConnection "\\rama\"
&printer
wn.RemovePrinterConnection "\\FOUNDATION\"
&printer
wn.AddWindowsPrinterConnection "\\printers\"
&printer, printer, True
wn.SetDefaultPrinter = "\\printers\"
&printer
End If
Next
'
\\rama
is Win2000 print server
'
\\foundation
is winNT print server
' Print queues moved using printmig.exe
' to new print server
\\printers
The first part of this week's ezine has a concrete task to change passwords,
but it also develops sound scripting practice, and re-enforces ideas from
earlier ezines.
Part two features a script that a reader kindly sent in to move print
servers. Please send in your favourite script and I will feature it in the
next ezine.
See More Active Directory VBScripts for Passwords
• User Spreadsheet • Add Users to Groups • Create
Users • Free
CSV Importer • Ezines
• Ezine 11 Password •
Ezine 22 Password • Ezine 50 PwdSetLast
• VBS
PwdLastSet
• Ezine 128 IUSR Passwords •
VBScript change
password • Log
Management • Tool Kit
| 
