Jump to content
Sign in to follow this  
gregnottage

Complex Local Admin password reset tool

Recommended Posts

gregnottage

Hi guys,

Not sure if this has been done before, but I've adapted a vbscript that I found that prompts to change the local administrator password and enforces the complex password rules. I've also borrowed a few script bits from this forum, so thanks to all those who have shared their code. Nice that I can finally contribute something to this awesome forum!

Hope it's useful.

Thanks,

Greg.

#Region ;**** Directives created by AutoIt3Wrapper_GUI **** 
#AutoIt3Wrapper_icon=user.ico 
#AutoIt3Wrapper_Res_Comment=Script to change the local admin password 
#EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** 
#cs ---------------------------------------------------------------------------- 

AutoIt Version: v3.3.0.0 
Author: Greg Nottage 

Script Function: 
Script to change the local admin password 
#ce ---------------------------------------------------------------------------- 

;Script Start 

;Set AutoIt options 
AutoItSetOption("TrayIconDebug", 1); Show debug info in tray icon 
AutoItSetOption("WinTitleMatchMode", 2); 2 = Match any substring in title 
AutoItSetOption("TrayIconHide", 1); 0 = do not hide, 1 = hide tray icon 

;Define Includes 
#include <ButtonConstants.au3> 
#include <EditConstants.au3> 
#include <GUIConstantsEx.au3> 
#include <StaticConstants.au3> 
#include <WindowsConstants.au3> 

;Set Variables 

;Build GUI 
#Region ### START Koda GUI section ### Form=ADMPW.kxf 
$fMain = GUICreate("Administrator Password", 366, 215, -1, -1, BitOR($WS_MINIMIZEBOX,$WS_CAPTION,$WS_POPUP,$WS_GROUP,$WS_BORDER,$WS_CLIPSIBLINGS)) 
GUISetIcon(@ScriptDir & "User.ico","", "Administrator Password") 
$iPassword = GUICtrlCreateInput("", 168, 96, 145, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL)) 
GUICtrlSetLimit(-1, 14) 
GUICtrlSetTip(-1, "Type your password here...") 
$iConfirmPw = GUICtrlCreateInput("", 168, 128, 145, 21, BitOR($ES_PASSWORD,$ES_AUTOHSCROLL)) 
GUICtrlSetLimit(-1, 14) 
GUICtrlSetTip(-1, "Re-enter your password here...") 
$lConfirmPw = GUICtrlCreateLabel("Confirm password:", 56, 130, 90, 17) 
$lPassword = GUICtrlCreateLabel("Password:", 56, 98, 53, 17) 
$Label1 = GUICtrlCreateLabel("Please type a new local Administrator account password", 8, 8, 323, 17) 
GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") 
$Label2 = GUICtrlCreateLabel("containing at least 8 characters, with a mix of uppercase", 8, 32, 326, 17) 
GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") 
$Label3 = GUICtrlCreateLabel("and lowercase letters, numerals, and punctuation symbols", 8, 56, 331, 17) 
GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif") 
$btnOK = GUICtrlCreateButton("OK", 126, 168, 121, 41, 0) 
GUICtrlSetTip(-1, "Click here to set the password...") 
GUISetState(@SW_SHOW) 
#EndRegion ### END Koda GUI section ### 

;Main Script 

While 1 
$nMsg = GUIGetMsg() 
Switch $nMsg 
Case $GUI_EVENT_CLOSE 
Exit 
Case $btnOK 
$strPassw = GUICtrlRead($iPassword) 
$strConfirmPw = GUICtrlRead($iConfirmPw) 
$strError = "" 

If $strPassw <> "" Then 
;Msgbox(0, "Password is:", $strPassw) 
;Exit 
ElseIf $strPassw = "" Then 
$strError = $strError & "Password" & @CRLF 
EndIf 

If $strConfirmPw <> "" Then 
;Msgbox(0, "Confirm password is:", $strPassw) 
;Exit 
ElseIf $strConfirmPw = "" Then 
$strError = $strError & "Confirm password" & @CRLF 
EndIf 

If $strError <> "" Then 
_Msgbx( "Error!", "The following entries need completing: " & @CRLF & @CRLF & $strError & @CRLF & "Please click OK and re-enter the details.") 
;Exit 
ElseIf $strError = "" Then 
If $strPassw = $strConfirmPw Then 
;Verify password meets complexity requirements 
$strComplexPW = _IsComplex() 
If $strComplexPW = 1 Then 
;Set the password 
If IsAdmin() Then 
;RunWait(@ComSpec & " /c " & "net user Administrator " & $strPassW, @ScriptDir, @SW_SHOW); Change the admin pw 
;MsgBox(0, "Setting Admin password to:", $strPassw) 
_SetPassword(); Calls the SetPassword() function to set the local Admin password 
_Msgbx("Password changed","Your password has been set successfully") 
Exit 
Else 
_Msgbx("Warning!", "This account does not have Admin rights." & @CRLF & "Please re-run this tool using an account with Admin rights!") 
Exit 
EndIf 
Else 
;Re-type password as it doesn't meet complexity requirements 
_Msgbx("Password is...", "Not complex!" & @CRLF & @CRLF & "Please enter a password that" & @CRLF & "meets the complexity requirements.") 
EndIf 
Else 
_Msgbx("Passwords...", "Do not match!" & @CRLF & "Please re-enter the passwords.") 
EndIf 
EndIf 

;Exit 
;Exit 

EndSwitch 
WEnd 

;Define Functions 
Func _Msgbx($strTitle,$strMsg) 
GUICtrlSetState($btnOK, $GUI_DISABLE); Disable the 'OK' button 
MsgBox(262144, $strTitle, $strMsg) 
GUICtrlSetState($btnOK, $GUI_ENABLE); Re-enable the 'OK' button 
EndFunc 

Func _IsComplex() 
$iStrength = 0 

;Check Length 
If StringLen($strPassw) >= 8 Then 
$iStrength = $iStrength + 1 
;MsgBox(0, "$iStrength = ", $iStrength) 
EndIf 

;Check for Lowercase letters 
$strReturn = _CheckValue(97,122,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;Check for Uppercase letters 
$strReturn = _CheckValue(65,90,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;Check for numbers 
$strReturn = _CheckValue(48,57,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;Check for special characters 
$strReturn = _CheckValue(33,47,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 
$strReturn = _CheckValue(58,64,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 
$strReturn = _CheckValue(91,96,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 
$strReturn = _CheckValue(123,255,$strPassw) 
If $strReturn <> 0 Then 
$iStrength = $iStrength + 1 
$strReturn = "" 
EndIf 

;MsgBox(0, "$iStrength = ", $iStrength) 
If $iStrength >= 5 Then 
Return(1) 
EndIf 

EndFunc 

Func _CheckValue($x, $y, $strPassw) 
$iLoopvar = 0 
For $iLoopvar = $x To $y 
If StringInStr($strPassw, Chr($iLoopvar), 1,1, 1) > 0 Then 
;MsgBox(0, "$iLoopvar = ", Chr($iLoopvar)) 
Return(1) 
EndIf 
Next 
EndFunc 

Func _SetPassword() 
Dim $objWshShell, $objFSO, $objNetwork, $objWMI 
Dim $Admin, $objItem, $objUser 

$objFSO = ObjCreate("Scripting.FileSystemObject") 
$objWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!.rootcimv2") 

;Gets the local Admin account name like the function says 
$Admin = _GetAdministratorName(@ComputerName) 

;Sets up the COM for changing the password 
$objUser = ObjGet("WinNT://./" & $Admin) 
If @error Then 
Exit 
; Aborts the process with a failure code. 
Else 
$objUser.SetPassword($strPassW) 
$objUser.SetInfo() 

If @error Then 
Exit 
; Aborts the process with a failure code, I hope. 
EndIf 
EndIf 
EndFunc 

;Get the local administrator account name. Hope it works because this blows up if it don't. 
Func _GetAdministratorName($ComputerName) 
Dim $UserSID, $oWshNetwork, $oUserAccounts, $objWMIService 
$objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!//" & $ComputerName & "/root/cimv2") 
$oUserAccounts = $objWMIService.ExecQuery("Select Name, SID from Win32_UserAccount WHERE Domain = '" & $ComputerName & "'") 
For $oUserAccount In $oUserAccounts 
If StringLeft($oUserAccount.SID, 9) = "S-1-5-21-" And _ 
StringRight($oUserAccount.SID, 4) = "-500" Then 
Return $oUserAccount.Name 
EndIf 
Next 
EndFunc ;==>GetAdministratorName 

;Script End

ADMPW.zip

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×