-
Notifications
You must be signed in to change notification settings - Fork 73
/
Set-Password.ps1
158 lines (149 loc) · 13.4 KB
/
Set-Password.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
Function Set-Password {
#requires -version 2.0
<#
.Synopsis
Allows the changing of the local account password on a local or remote machine.
.Description
Allows the changing of the local account password on a local or remote machine.
.Parameter computer
Computer that the password will be changed on. Supports a single computer or collection of computers and can be processed
through the pipeline.
.Parameter user
Account that will have the password changed.
.Example
Set-Password -computer 'server' -user 'Administrator'
User will be prompted to type in the password for Administrator prior to being changed on 'server'
.Example
Set-Password -computer @('server','server2') -user 'Administrator'
User will be prompted to type in the password for Administrator prior to being changed on 'server' and 'server2'
.Example
@('server','server2') | Set-Password -user 'Administrator'
User will be prompted to type in the password for Administrator prior to being changed on 'server' and 'server2'
.Example
Set-Password -computer (Get-Content hosts.txt) -user 'Administrator'
User will be prompted to type in the password for Administrator prior to being changed on 'server' and 'server2'
.Inputs
None
.Outputs
None
.Link
http://boeprox.wordpress.com
.Notes
NAME: Set-Password
VERSION: 1.0
AUTHOR: Boe Prox
Date: 26 August 2010
#>
[CmdletBinding(
SupportsShouldProcess = $True,
ConfirmImpact = 'low',
DefaultParameterSetName = 'server'
)]
Param (
[Parameter(
ValueFromPipeline=$True,
Position=0,
Mandatory=$True,
HelpMessage="List of servers")]
[ValidateNotNullOrEmpty()]
[array]$computer,
[Parameter(
ValueFromPipeline=$False,
Position=1,
Mandatory=$True,
HelpMessage="Account to change password")]
[ValidateNotNullOrEmpty()]
[string]$user
)
Begin {
Write-Verbose "Building container for report"
$arrlist = @()
Write-Verbose "Prompting for password"
$password = Read-Host "Type password -- VERIFY BEFORE CLICKING RETURN!!!"
Write-Verbose "Checking for existence of error log and clearing contents"
$errorlog = "passwordchangeerrors.txt"
If ([system.io.file]::exists($errorlog)) {
Clear-content $errorlog
}
}
Process {
#Iterate through computer list
ForEach ($c in $computer) {
$temp = New-Object PSobject
Try {
Write-Verbose "Testing Connection to $($c)"
Test-Connection -comp $c -count 1 -ea stop | out-null
#Verify account exists before attempting password change
Write-Verbose "Verifying that $($user) exists on $($computer)"
$colusers = ([ADSI]("WinNT://$c,computer")).children | ? {$_.psbase.schemaClassName -eq "User"} | Select -expand Name
If ($colusers -contains $user) {
Write-Host -foregroundcolor Green "Changing password on $c..."
$ErrorActionPreference = 'stop'
Try {
#Make connection to remote/local computer and user account
$account = [adsi]("WinNT://"+$c+"/$user, user")
#Change password on user account
If ($pscmdlet.ShouldProcess($($user))) {
$account.psbase.invoke("SetPassword", $password)
$account.psbase.CommitChanges()
}
Write-Verbose "Adding information to report"
$temp | Add-Member NoteProperty TimeStamp "$(get-date)"
$temp | Add-Member NoteProperty Server $c
$temp | Add-Member NoteProperty Account $user
$temp | Add-Member NoteProperty Status "Password Changed"
$temp | Add-Member NoteProperty Notes ""
}
Catch {
$errorflag = $True
Write-Verbose "Writing errors to $($errorlog)"
"$(get-date) :: Server:$($c) :: $($error[0].exception)" | Out-File -append $errorlog
Write-Verbose "Adding information to report"
$temp | Add-Member NoteProperty TimeStamp "$(get-date)"
$temp | Add-Member NoteProperty Server $c
$temp | Add-Member NoteProperty Account $user
$temp | Add-Member NoteProperty Status "Error Changing Password"
$temp | Add-Member NoteProperty Notes $error[0]
}
}
Else {
$errorflag = $True
Write-Verbose "Writing errors to $($errorlog)"
"$(get-date) :: Server:$($c) :: $($user) does not exist!)" | Out-File -append $errorlog
Write-Verbose "Adding information to report"
$temp | Add-Member NoteProperty TimeStamp "$(get-date)"
$temp | Add-Member NoteProperty Server $c
$temp | Add-Member NoteProperty Account $user
$temp | Add-Member NoteProperty Status "Unable to change password"
$temp | Add-Member NoteProperty Notes "Username does not exist"
}
}
Catch {
$errorflag = $True
Write-Verbose "Writing errors to $($errorlog)"
"$(get-date) :: Server:$($c) :: $($error[0].exception)" | Out-File -append $errorlog
Write-Verbose "Adding information to report"
$temp | Add-Member NoteProperty TimeStamp "$(get-date)"
$temp | Add-Member NoteProperty Server $c
$temp | Add-Member NoteProperty Account $user
$temp | Add-Member NoteProperty Status "Error Connecting to computer"
$temp | Add-Member NoteProperty Notes $error[0]
}
Finally {
#Merge temp report with main report
Write-Verbose "Merging report"
$arrlist += $temp
}
}
}
End {
#Generate report to screen
Write-Verbose "Generating report"
$arrlist
If ($errorflag) {
Write-Host -fore Yellow "Errors were reported during run, please look at $($pwd)\$($errorlog) for more details."
}
Write-Verbose "Removing password from variable `$password"
$password = $Null
}
}