一台一台的修改域内计算机本地管理员密码不太现实,在没有Configuration manager这些工具的情况下,使用脚本来修改本地密码也颇为方便:
'Script for change the local administrator password On Error Resume Next Set objDictionary = CreateObject("Scripting.Dictionary") i=0 passwd="password1" call ChangePWD("OU=ou1,OU=ou2,DC=dc1,DC=cn",passwd) Wscript.echo "Finished!" If objDictionary.Count>0 Then call logError(objDictionary) '-----------------End of main program-------------------- Sub LogError(objDictionary) Const ForReading = 1, ForWriting = 2, ForAppending = 8 APP_ERROR_LOG = "chadminpwd.log" Set fsoSysObj = CreateObject("Scripting.FileSystemObject") Set oshell=createobject("wscript.shell") On Error Resume Next Set filFile = fsoSysObj.GetFile(APP_ERROR_LOG) If Err <> 0 Then Set filFile = fsoSysObj.CreateTextFile(APP_ERROR_LOG) End If On Error GoTo 0 ' Open file as text stream for reading. Set txsStream = filFile.OpenAsTextStream(ForAppending) With txsStream .WriteLine Now & " - Failed to change kbadmin on these computers:" For Each strComputer in objDictionary.Items .WriteLine strComputer Next .WriteBlankLines 1 .Close End With LogErrorEnd: Exit Sub End Sub 'The subroutine used for search the computers in the unit and 'change all the local administrator password sub ChangePWD(ouname,passwd) On Error Resume Next set ObjOU = GetObject("LDAP://" & ouname) ObjOU.Filter = Array("Computer") For Each ObjComp in ObjOU strComputer = Right(ObjComp.Name,Len(ObjComp.Name)-3) 'MsgBox strComputer & VbCrLf & ObjComp.OperatingSystem Set objUser = GetObject("WinNT://" & strComputer & "/administrator, user") If Err <> 0 Then Wscript.Echo strComputer & " - Failed!!" '& VbCrLf & Err.Number & " -- " & Err.Description i=i+1 objDictionary.Add i,strComputer Err.Clear Else objUser.SetPassword passwd objUser.SetInfo 'MsgBox strComputer & " has been successfully processed!" WScript.Echo strComputer & " - OK!" End If Next end sub
需要在远端计算机上关闭防火墙,至少是打开远程管理的端口135等,具体用TCPVIEW检测一下吧。