JonJohnstonI have been trying to write a script, unsuccessfully so far, that will take my company's admin account and make it a local administrator on our client's machines. Several client's are on a domain and our account is a domain admin, (or should be, I am also double checking that). The reason behind this it our account has three or four different passwords depending on the client and we want to set one global password for our account. I have a successful script to reset the password but always get access denied, found out it is due to not being a local admin. Does anybody have ideas or a successful script to accomplish this? There is in excess of 800 machines. Thanks.
JonJohnstonWell I had tried that. Currently my script looks like the following.
Step one. execute shell command.
net localgroup administrators myaccount /add
execute as sytem.
Step two. execute shell command.
net user myaccount password /expires:never /add
execute as user.
I keep getting erros on the change password part as the local admin part is not working. Going by your command I must include the domain also? Even though am wanting to just change the local admin?
Update: I just ran the local admin add from a command prompt on a machine and keep getting the same system error has occurred. Acess is denied. I tried including the domain name and recieved the same error.
ttokarI am looking for a way to change several locations local admin account password I thought I would post since your very close to what I am trying to do
trebligbWhat context is the command running under? Local or domain? You might be having a problem if it is not a domain account with it being able to access the domain to get the account information to make it part of the group.
XeviouSYou have the two steps out of order. Swap them.
You need to create the user account first and then add it to the local administrators group.
JonJohnstonI would like to say thank you to everybody who replied, your help is appreciated. I was able to get a successful script.
To change the domain password of an user account:
execute shell command
net user username password /expires:never
execute as user
This successfully ran on about 30 domain controllers and reset our domain account password. This must be ran on the domain controller.
I have also solved the original issue with setting as a local admin, this is done from the remote control, reset password option in Kaseya.