Changing Windows password

[m0nty]

This is my first post here, so hello to everyone.

I'm writing a script which will change a user's Windows 7 password for them. But before it enables the "Set Password" button, it strength-checks the password (to weed out common patterns like "qwerty123" and "qazwsx", etc) and then checks against a dictionary to weed out anything which closely resembles a word (so "spider123" and "5p1d3r" definitely won't make it).

We use Windows 7 computers, without a domain logon but a matching account on the Windows server which stores user files and shares. (This is for historical reasons; domain logons caused all sorts of problems when we used them, hence we're back to stand-alone. I am in no position to change this.) So the password needs to be changed in two places: the local PC and the Windows 2003 server. I was planning to use "net use username password" to achieve this on the local machine, and the SysInternals "PsPasswd" utility for the server. Unfortunately, a standard user can't use either of these, and I don't want to encode the admin password in the app itself!

Reading around, the closest I can find to a solution is to get the user as a COM object (I think that's the right term) then use ChangePassword to set a new password:

$objUser = ObjGet("WinNT://pcname/" & $username & ", User")
$objUser.ChangePassword($oldpw, $newpw)

But that doesn't seem to have the desired effect (I have probably seriously misunderstood something here: this is all new to me).

I would very much appreciate any pointers about how to achieve a password change in a secure fashion.