Guy’s Scripting Ezine 22 – Setting Passwords

Contents for Guy’s Scripting Ezine 22 – Setting Passwords

This Week’s Secret – Passwords

In 1998 nearly gave up my day job to sell fingerprint logons.  I saw a demonstration of a fingerprint gismo that had a splitter, which attached to the keyboard socket.  All users had to do was: a) give a fingerprint sample, b) logon with a username and press the gismo’s pad.  While I’m glad I kept my day job training and consulting, I still believe that biometric logon is the way to go.  But meanwhile, we administrator’s have to grapple with passwords until a replacement comes of age.

The scenario for this week’s script is that you have to set zillions of users passwords.  Perhaps the situation you have just created a new group ‘joiners, and now you have to set a particular password before they begin work.

Guy Recommends: The Free IP Address Tracker (IPAT) IP Tracker

Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets.  IPAT cracks this problem of allocating IP addresses in networks in two ways:

For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges. 

For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers. Download the Free IP Address Tracker

VBScript to change passwords. 

Here is a ‘killer’ advantage of VBScript over CSVDE, you can set the password with a VBScript, but if you try and include a password field in your import.csv, then CSVDE -i will fail.

Instructions

  1. Pre-requisites.  You need a domain controller for this script to work.
  2. Change Line 11 "OU=Cowbridge ," to the name of one of your OUs.  Alternatively, create an OU called Cowbridge.
  3. It may be a good idea to create or move some users into the Cowbridge OU!  Otherwise you will see " 0 Passwords Changed"
  4. Copy and paste the script below into notepad.
  5. Save the file with .vbs extension e.g. Password.vbs
  6. Double click and observe the message box

‘ Set Password.vbs
‘ VBScript to Set Passwords by cycling through a named OU
‘ Author Guy Thomas https://computerperformance.co.uk/
‘ Version 2.9 – March 14th 2004
‘ —————————————————————–‘
Option Explicit
Dim objOU, objUser, objRootDSE
Dim strContainer, strLastUser, intCounter, strDNSDomain
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strContainer = "OU=Cowbridge ,"
strContainer = strContainer & strDNSDomain
set objOU =GetObject("LDAP://" & strContainer )
intCounter = 0
    For each objUser in objOU
        If objUser.class="user" then
        objUser.SetPassword "E@$ter-2oo4"
        objUser.SetInfo
        intCounter = intCounter +1
        strLastUser = objUser.Get ("name")
        End if
    next
WScript.echo intCounter & " Passwords changed. Last user " _
& strLastUser
WScript.quit

Learning Points

Note 1: We are applying three methods to the ObjUser: .SetPassword .SetInfo, and .Get.

Note 2: If objUser.class = "user"   This command achieves our aim of filtering out users from computer accounts.

Note 3: _ (Underscore) on line 23 , followed by & (ampersand) allows us to break one command on to two lines.  Talking of ampersand, I still find them tricky and often forget one, which gives me a headache when troubleshooting.

Note 4:  Following last week’s Binding to Active Directory, I used these commands to save you specifying a domain name:
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

Note 5: strLastUser is not strictly required.  Remove reference to this variable if you prefer.  However, I like the effect of strLastUser.

Guy Recommends:  A Free Trial of the Network Performance Monitor (NPM)Review of Orion NPM v11.5 v11.5

SolarWinds’ Orion performance monitor will help you discover what’s happening on your network.  This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.

What I like best is the way NPM suggests solutions to network problems.  Its also has the ability to monitor the health of individual VMware virtual machines.  If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.

Download a free trial of Solarwinds’ Network Performance Monitor

Out Takes – Introducing Guy’s Challenges

Occasionally you may see T.V. programs showing amusing ‘out takes’ of scenes that did not work; well here is an ‘out take of my script!

My idea is to give you a script with three deliberate mistakes, so that you have a chance to troubleshoot and correct the problems.  Two errors are straight forward, and a triumph for Option Explicit.

The third error is caused by a tiny mistake in the script which produces a nasty Error: 0x8007203A.  Your first clue that something is wrong is that when you execute the .VBS file, nothing happens for ages. Can you find the mistake?  A good text editor would help you identify the line number.

‘ Set Password.vbs
‘ VBScript to Set Passwords by cycling through a named OU
‘ Author Guy Thomas https://computerperformance.co.uk/
‘ Version 2.7 – March 14th 2004
‘ —————————————————————–‘
Option Explicit
Dim objOU, objUser, objRootDSE
Dim strContainer, strLastUser, intCounter, strContainer
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strContainer = "OU=Cowbridge ,"
strContainer = strContainer & strDNSDomain
set objOU =GetObject("LDAP:// & strContainer" )
intCounter = 0
   For each objUser in objOU
         If objUser.class="user" then
         objUser.SetPassword "E@ster-2oo4"
         objUser.SetInfo
         intCounter = intCounter +1
         strLastUser = objUser.Get ("name")
         End if
    next
WScript.echo intCounter & " Passwords change. Last user " _
& strLastUser
WScript.quit

Wrong – Variable declared twice!

Dim strContainer, strLastUser, intCounter, strContainer

Wrong

set objOU =GetObject("LDAP:// & strContainer" )

Corrected

set objOU =GetObject("LDAP://" & strContainer )

This week’s second secret – Guy’s dream of collective writing.

When I began writing ebooks I had a dream of collective writing.  My vision was this; I would start the ball rolling with a logon script, and with the internet being a big place, that others would chip in with their scripts.  So, I created my first ebook, and gave out free copies on the condition that people gave input.  You may have guessed what happened next, folks took the free ebooks but gave zero feedback or input. C’est la vie!

Well that collective writing idea was a year ago.  Fortunately, in the mean time my faith has been restored by people sending in their scripts.  My modified vision is that I will provided the showcase, and encourage you to send in scripts.  So, if you have a script, you know where to find me.

A case in point is the fulsome script (below) that Howard send in.  My ‘hidden agenda’ is that it’s good to see different approaches to scripting, just as you see different writing styles when you read a variety of novelist.

Script to Change Print Server

The following script my son wrote that allowed us to change the print server name with out re-installing printers on the End Users computer when we migrated printer queues from two print servers, on Win2000 and WinNT to a Win2000 dual cpu print server using MS printmig.exe. Worked very well and as we had some print queues that were removed as they were on both print servers the script removes these old maps from the EU’s computer cleaning their systems in the process.

Feel free to publish, any IT manager do a print server migration needs this script. Howard Waggoner
IT Manager
Scimus Information Systems Ltd.
Columbus, Ohio

‘  Simple VBScript to check convert printer mapping
‘  on workstation when moving from one print server
‘  to new print server when queues are named the same.
‘  Created by Mitchal Waggoner for Scimus Info System Ltd.
‘  12/28/2003

On Error Resume Next
strComputer = "."
Const ForAppending = 8
Const ForWriting = 2
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set wn = WScript.CreateObject("WScript.Network")
Set ntsm = WScript.CreateObject("WScript.Shell")
Set colItems = objWMIService.ExecQuery("Select * from Win32_Printer",,48)
For Each objItem in colItems
Dim printer, server, fso, f1, ctime, cdate, ccomp, cuser, dprinter
printer = objItem.ShareName
server  = objItem.ServerName
dprinter = objItem.ShareName
 If server Is "\\rama" or "\\FOUNDATION" or "\\print-server" Then
  wn.RemovePrinterConnection "\\rama\" &printer
  wn.RemovePrinterConnection "\\FOUNDATION\" &printer
  wn.AddWindowsPrinterConnection "\\printers\" &printer, printer, True
  wn.SetDefaultPrinter = "\\printers\" &printer
 End If
Next

‘  \\rama is Win2000 print server
‘  \\foundation is winNT print server
‘  Print queues moved using printmig.exe
‘  to new print server \\printers

Summary

The first part of this week’s ezine has a concrete task to change passwords, but it also develops sound scripting practice, and re-enforces ideas from earlier ezines.

Part two features a script that a reader kindly sent in to move print servers.  Please send in your favourite script and I will feature it in the next ezine.

See More Active Directory VBScripts for Passwords

• User Spreadsheet  • Add Users to Groups  • Create Users  • Free CSV Importer  • Ezines

Ezine 11 Password  • Ezine 22 Password  • Ezine 50 PwdSetLast • VBS PwdLastSet

Ezine 128 IUSR Passwords  • VBScript change password  • Log Management  • Tool Kit