m0nty Posted July 29, 2010 Posted July 29, 2010 This is my first post here, so hello to everyone. I'm writing a script which will change a user's Windows 7 password for them. But before it enables the "Set Password" button, it strength-checks the password (to weed out common patterns like "qwerty123" and "qazwsx", etc) and then checks against a dictionary to weed out anything which closely resembles a word (so "spider123" and "5p1d3r" definitely won't make it). We use Windows 7 computers, without a domain logon but a matching account on the Windows server which stores user files and shares. (This is for historical reasons; domain logons caused all sorts of problems when we used them, hence we're back to stand-alone. I am in no position to change this.) So the password needs to be changed in two places: the local PC and the Windows 2003 server. I was planning to use "net use username password" to achieve this on the local machine, and the SysInternals "PsPasswd" utility for the server. Unfortunately, a standard user can't use either of these, and I don't want to encode the admin password in the app itself! Reading around, the closest I can find to a solution is to get the user as a COM object (I think that's the right term) then use ChangePassword to set a new password: $objUser = ObjGet("WinNT://pcname/" & $username & ", User") $objUser.ChangePassword($oldpw, $newpw) But that doesn't seem to have the desired effect (I have probably seriously misunderstood something here: this is all new to me). I would very much appreciate any pointers about how to achieve a password change in a secure fashion.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now