2 Replies Latest reply on Apr 15, 2014 9:18 AM by NeoIsTaken

    Changing Local Administrator Password Using LDMS Policies

    Specialist

      TLDR:
      To be able to securely reset a local admin I used a compiled VBscript to execute the change. The script also creates a custom registry for tracking versions using inventory scanner.

       

       

       

      VBscript to change local admin password with custom registry:

      Set wshShell = CreateObject( "WScript.Shell" ) 
      wshShell.RegWrite"HKLM\SOFTWARE\<YOUR_COMPANY>\ADMver", "1.0.0.0", "REG_SZ"'<--- My compiled script version


      Set WshNetwork = WScript.CreateObject("WScript.Network") 
      strComputer = WshNetwork.ComputerName

      strComputer = "."
      Set objUser = GetObject("WinNT://" & strComputer & "/Administrator,user") 


      objUser.SetPassword"<Special Top Secret>"' <--- this will be the new admin password. 
      objUser.SetInfo

      I used ADMver as the reg key. The value is the version of my compiled script

       

       

       

      Compile Script

      Once you have a working script you need to compile it. There are many free compilers. xNeat has a free version. I went with VbsEdit. The cost was small and you can set UAC access level and compile it to run silent. Be sure to compile with WScript. I still saw a DOS window popup when complied with CSript.

       

       

      4-8-2014 4-36-44 PM.jpg

       

       

       

      Add Custom Registry to LDMS scanner

      In the LANDesk consol navigate to Tools>Reporting / Monitoring>Manage Software List

       

      Select Custom Data > Registry Items.
      Click Green
      Enter the Registry Key information used in the VBscript.

       

      4-8-2014 3-41-07 PM.jpg

       

       

      Create the Distribution Package
      Schedule the Distribution Package

      Set Delivery Method to Policy

      Everything you need to know about Software distribution with LANDesk: http://community.landesk.com/support/community/systems/softwaredist