Sign in to follow this  
Followers 0
gregnottage

Complex Local Admin password reset tool

1 post in this topic

Hi guys,

Not sure if this has been done before, but I've adapted a vbscript that I found that prompts to change the local administrator password and enforces the complex password rules. I've also borrowed a few script bits from this forum, so thanks to all those who have shared their code. Nice that I can finally contribute something to this awesome forum!

Hope it's useful.

Thanks,

Greg.

#Region ;**** Directives created by AutoIt3Wrapper_GUI **** 
#AutoIt3Wrapper_icon=user.ico 
#AutoIt3Wrapper_Res_Comment=Script to change the local admin password 
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** 
#cs ---------------------------------------------------------------------------- 

AutoIt Version: v3.3.0.0 
Author: Greg Nottage 

Script Function: 
Script to change the local admin password 
#ce ---------------------------------------------------------------------------- 

;Script Start 

;Set AutoIt options 
AutoItSetOption("TrayIconDebug", 1); Show debug info in tray icon 
AutoItSetOption("WinTitleMatchMode", 2); 2 = Match any substring in title 
AutoItSetOption("TrayIconHide", 1); 0 = do not hide, 1 = hide tray icon 

;Define Includes 
#include <ButtonConstants.au3> 
#include <EditConstants.au3> 
#include <GUIConstantsEx.au3> 
#include <StaticConstants.au3> 
#include <WindowsConstants.au3> 

;Set Variables 

;Build GUI 
#Region ### START Koda GUI section ### Form=ADMPW.kxf 
$fMain = GUICreate("Administrator Password", 366, 215, -1, -1, BitOR($WS_MINIMIZEBOX,$WS_CAPTION,$WS_POPUP,$WS_GROUP,$WS_BORDER,$WS_CLIPSIBLINGS)) 
GUISetIcon(@ScriptDir & "User.ico","", "Administrator Password") 
$iPassword = GUICtrlCreateInput("", 168, 96, 145, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL)) 
GUICtrlSetLimit(-1, 14) 
GUICtrlSetTip(-1, "Type your password here...") 
$iConfirmPw = GUICtrlCreateInput("", 168, 128, 145, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL)) 
GUICtrlSetLimit(-1, 14) 
GUICtrlSetTip(-1, "Re-enter your password here...") 
$lConfirmPw = GUICtrlCreateLabel("Confirm password:", 56, 130, 90, 17) 
$lPassword = GUICtrlCreateLabel("Password:", 56, 98, 53, 17) 
$Label1 = GUICtrlCreateLabel("Please type a new local Administrator account password", 8, 8, 323, 17) 
GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") 
$Label2 = GUICtrlCreateLabel("containing at least 8 characters, with a mix of uppercase", 8, 32, 326, 17) 
GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") 
$Label3 = GUICtrlCreateLabel("and lowercase letters, numerals, and punctuation symbols", 8, 56, 331, 17) 
GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") 
$btnOK = GUICtrlCreateButton("OK", 126, 168, 121, 41, 0) 
GUICtrlSetTip(-1, "Click here to set the password...") 
GUISetState(@SW_SHOW) 
#EndRegion ### END Koda GUI section ### 

;Main Script 

While 1 
$nMsg = GUIGetMsg() 
Switch $nMsg 
Case $GUI_EVENT_CLOSE 
Exit 
Case $btnOK 
$strPassw = GUICtrlRead($iPassword) 
$strConfirmPw = GUICtrlRead($iConfirmPw) 
$strError = "" 

If $strPassw <> "" Then 
;Msgbox(0, "Password is:", $strPassw) 
;Exit 
ElseIf $strPassw = "" Then 
$strError = $strError & "Password" & @CRLF 
EndIf 

If $strConfirmPw <> "" Then 
;Msgbox(0, "Confirm password is:", $strPassw) 
;Exit 
ElseIf $strConfirmPw = "" Then 
$strError = $strError & "Confirm password" & @CRLF 
EndIf 

If $strError <> "" Then 
_Msgbx( "Error!", "The following entries need completing: " & @CRLF & @CRLF & $strError & @CRLF & "Please click OK and re-enter the details.") 
;Exit 
ElseIf $strError = "" Then 
If $strPassw = $strConfirmPw Then 
;Verify password meets complexity requirements 
$strComplexPW = _IsComplex() 
If $strComplexPW = 1 Then 
;Set the password 
If IsAdmin() Then 
;RunWait(@ComSpec & " /c " & "net user Administrator " & $strPassW, @ScriptDir, @SW_SHOW); Change the admin pw 
;MsgBox(0, "Setting Admin password to:", $strPassw) 
_SetPassword(); Calls the SetPassword() function to set the local Admin password 
_Msgbx("Password changed","Your password has been set successfully") 
Exit 
Else 
_Msgbx("Warning!", "This account does not have Admin rights." & @CRLF & "Please re-run this tool using an account with Admin rights!") 
Exit 
EndIf 
Else 
;Re-type password as it doesn't meet complexity requirements 
_Msgbx("Password is...", "Not complex!" & @CRLF & @CRLF & "Please enter a password that" & @CRLF & "meets the complexity requirements.") 
EndIf 
Else 
_Msgbx("Passwords...", "Do not match!" & @CRLF & "Please re-enter the passwords.") 
EndIf 
EndIf 

;Exit 
;Exit 

EndSwitch 
WEnd 

;Define Functions 
Func _Msgbx($strTitle,$strMsg) 
GUICtrlSetState($btnOK, $GUI_DISABLE); Disable the 'OK' button 
MsgBox(262144, $strTitle, $strMsg) 
GUICtrlSetState($btnOK, $GUI_ENABLE); Re-enable the 'OK' button 
EndFunc 

Func _IsComplex() 
$iStrength = 0 

;Check Length 
If StringLen($strPassw) >= 8 Then 
$iStrength = $iStrength + 1 
;MsgBox(0, "$iStrength = ", $iStrength) 
EndIf 

;Check for Lowercase letters 
$strReturn = _CheckValue(97,122,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;Check for Uppercase letters 
$strReturn = _CheckValue(65,90,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;Check for numbers 
$strReturn = _CheckValue(48,57,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;Check for special characters 
$strReturn = _CheckValue(33,47,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 
$strReturn = _CheckValue(58,64,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 
$strReturn = _CheckValue(91,96,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 
$strReturn = _CheckValue(123,255,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;MsgBox(0, "$iStrength = ", $iStrength) 
If $iStrength >= 5 Then 
Return(1) 
EndIf 

EndFunc 

Func _CheckValue($x, $y, $strPassw) 
$iLoopvar = 0 
For $iLoopvar = $x To $y 
If StringInStr($strPassw, Chr($iLoopvar), 1,1, 1) > 0 Then 
;MsgBox(0, "$iLoopvar = ", Chr($iLoopvar)) 
Return(1) 
EndIf 
Next 
EndFunc 

Func _SetPassword() 
Dim $objWshShell, $objFSO, $objNetwork, $objWMI 
Dim $Admin, $objItem, $objUser 

$objFSO = ObjCreate("Scripting.FileSystemObject") 
$objWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!.rootcimv2") 

;Gets the local Admin account name like the function says 
$Admin = _GetAdministratorName(@ComputerName) 

;Sets up the COM for changing the password 
$objUser = ObjGet("WinNT://./" & $Admin) 
If @error Then 
Exit 
; Aborts the process with a failure code. 
Else 
$objUser.SetPassword($strPassW) 
$objUser.SetInfo() 

If @error Then 
Exit 
; Aborts the process with a failure code, I hope. 
EndIf 
EndIf 
EndFunc 

;Get the local administrator account name. Hope it works because this blows up if it don't. 
Func _GetAdministratorName($ComputerName) 
Dim $UserSID, $oWshNetwork, $oUserAccounts, $objWMIService 
$objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!//" & $ComputerName & "/root/cimv2") 
$oUserAccounts = $objWMIService.ExecQuery("Select Name, SID from Win32_UserAccount WHERE Domain = '" & $ComputerName & "'") 
For $oUserAccount In $oUserAccounts 
If StringLeft($oUserAccount.SID, 9) = "S-1-5-21-" And _ 
StringRight($oUserAccount.SID, 4) = "-500" Then 
Return $oUserAccount.Name 
EndIf 
Next 
EndFunc ;==>GetAdministratorName 

;Script End

ADMPW.zip

Share this post


Link to post
Share on other sites



Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0