Change Local Account Name and Password using PowerShell

PowerShell is a great scripting utility that can drastically speed up administrative tasks in the “IT world”. Since Microsoft is trying to make it so all their products can be managed using PowerShell, it is a great idea to be proficient in it because PowerShell is not going away anytime soon.

I plan to utilize this blog as a means to share my scripts with the public and gain valuable feedback from any followers in the IT field.

With that said, here is my first PowerShell post!

How to change a local account name and password on a remote computer.

I am going to demonstrate an easy way to change/rename a remote computers (or list of computers) local account using PowerShell. Since all the commands listed are built in, you will not need to download any modules.

This script is not too long and is very useful in its purpose. There was a client I was working with that had many computers that had the default “Administrator” account enabled and not renamed, and without a secure password. So rather then manually setting each one (which would have consumed many hours), I wrote this up to expedite the process

For those that just need a script that works without explanation, here is the source code.

#

\# Created By: SecureKomodo

\# www.securekomodo.net

\# 5/12/2013

#

\# Change Remote Computers Local Account Name and Password

\# Requires: PowerShell 2.0 or higher

#

$securePW = Read-Host -assecurestring Please Enter The New Local Admin Password

$tempCred = New-Object System.Management.Automation.PSCredential(Temp,$securePW)

$newcred = $tempCred.GetNetworkCredential()

$userPW = $newcred.Password.ToString()

$computers = @(computer1,computer2,computer3)

foreach($computer in $computers) {

if (test-connection -computername $computer -quiet) {

try {

$WinNTPath = WinNT://” + $computer + “/Administrator,User”

$localAdmin = [ADSI]$WinNTPath

try {

$localAdmin.psbase.rename(SuperAdmin)

Write-Host Successfully Renamed Administrator Account on  $computer

}

catch {

Write-Host Error Renaming Administrator Account on  $computer

}

$localAdmin.setpassword($userPW)

Write-Host Successfully Set Password on  $computer

}

catch {

Write-Host Error When Setting Password  $computer

}

}

else {

Write-Host Ping Failed to $computer

}

}

How it Works:

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”10″]$securePW = Read-Host -assecurestring “Please Enter The New Local Admin Password”[/sourcecode]

  • Prompts the user to enter the new password for the remote local accounts and store it in the variable $securePW as a secured string. This is made possible by entering the Read-Host cmdlet with the -assecurestring switch.

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”11″]$tempCred = New-Object System.Management.Automation.PSCredential(“Temp”,$securePW)[/sourcecode]

  • Creates the PSCredential with the Secure String Password defined previously, this is needed for conversion for the secure string.

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”12″]$newcred = $tempCred.GetNetworkCredential()[/sourcecode]

  • Using The PSCredential from the line previously, we are able to create the network credentials and store it in the variable $newcred

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”13″]$userPW = $newcred.Password.ToString()[/sourcecode]

  • Using the network credential object, we are able to grab the plain text password and store it as $userPW

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”14″]$computers = @(“computer1”,”computer2”,”computer3″)[/sourcecode]

  • This is the array of computer names that need the local account password changed, we can also define $computers as an imported csv file if we please.

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”17″]if (test-connection -computername $computer -quiet)[/sourcecode]

  • Make sure computer is able to ping before the script continues

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”19″]$WinNTPath = “WinNT://” + $computer + “/Administrator,User”[/sourcecode]

  • This is the path of the local administrator account on the remote computer stored as the variable $WinNTPath

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”22″]$localAdmin.psbase.rename(“SuperAdmin”)[/sourcecode]

  • Rename the default administrator account to a more specific account name

[sourcecode language=”powershell” wraplines=”false” collapse=”false” firstline=”28″]$localAdmin.setpassword($userPW)[/sourcecode]

  • Change the password on the remote system to the defined password from earlier in script.

This script can be executed by any person, and the local password credentials are not hardcoded into the script, allowing for better security. I have used it many times and it has proven to be very helpful.

-Bryan

Tags// ,
More Reading
Newer// log2timeline
Older// Droidsheep