Change Local Admin Password

[Joe_Oldendick]

We have over 700 Windows NT 4.0 Service Pack 5 clients with all the same password.

Currently looking for a way to change the password on ALL of these machines with a batch file or script.

What do most company's do when the local administrators password gets leaked?

We have a huge security problem and need a quick way to fix it without disabling or deleting the account.

Thanks
[email protected]

[fkk200]

I use three batch files (you have to be logged-in as a Domain Admin). The first views all machines in a domain and calls the second batch file which copies the third to the remote drive which, in turn, changes the local account specified with a Net User command and sends an information message to the application event log on my machine using the LogEvent command from the NT Resource Kit:

Netview.bat
@Echo off
for /f "skip=3" %%I in ('net view /domain:ntdomain') do @set NODE=%%I& call %1
(Ex. netview password.bat)

password.bat
copy /v new_pass.bat %NODE%\c$\temp\new_pass.bat
soon %NODE% 5 "c:\temp\new_pass.bat"

new_pass.bat
%SYSTEMROOT%\system32\net.exe user Administrator newpassword /expires:never /profilepath:%SYSTEMROOT%\Profiles\Administrator
%SYSTEMDrive%\ntreskit\logevent.exe -m \\mymachine -s i -c 9876 "NEW_PASS Completed on %ComputerName%"

Note: the "-c 9876" in the LogEvent command is a number I use for event filtering purposes and isn't necessary.
There may be an easier way, but this works and doesn't cost you anything.