Change local admin password on all workstations it is mandatory in most of the different organization. In order to applied a security standard you have to change local admin password account in all workstations at specific time since the last change. It does not matter if the computers are in a work-group or domain members.
To achieve the goal of Change local admin password we will use Pspasswd.exe as tool of Sys Internals Packet.
Pspasswd.exe allows you to change an account password on the local or remote systems.
Administrators account will be enabled to create batch files that run PsPasswd.exe against the computers they manage in order to perform a mass change of the administrator password.
In this article I will explain how to configure Pspasswd.exe to use some of these useful features.
Steps to Change local admin password.
- Download PStools.exe
- Prepare .bat file for Change local admin password.
- Automate .bat file with task scheduler.
Download Pspasswd.exe tools.
First of all you should download the PsList at the link below
Extract the files at your specific location.
Prepare .bat file for Change local admin password.
Prepare the .bat file for change local admin password on all computers . In my case I have created a script likes below but you can add other parameters depend on your requests.
pspasswd \\@listpcpass.txt Admin_Acount Aprill!2015 >>passchange.txt
Go to :
start-run-cmd and then go to folder that you extracted the Pstools Packet downloaded.
cd –path of extract file and type the command below to change the password at some workstations that are added at listpcpass.txt file.
In my case I have added 50 computers and I have also the same name for administrator account. In the >>passchange.txt you will find logs which will tell you how many pc have changed administrator account password.
You can customize with more details .bat files based on parameters below.
pspasswd [\\[computer[,computer,[,…]]|@file] [-u Username [-p Password]]]
Usage for domain accounts:
pspasswd Domain\Account [NewPassword]
computer Computer or computers on which the local account exists. If you omit the computer name, the local computer is assumed.
If you specify a wildcard (\\*), PsPasswd runs the
command on all computers in the current domain or workgroup.
@file PsPasswd will change the password on the computers listed
in the file.
-u Specifies optional user name for login to remote computer.
-p Specifies optional password for user name. If you omit this
you will be prompted to enter a hidden password.
Domain Specifies name of the domain of the target account.
Account Specifies name of the account for password change.
Automate .bat file with task scheduler.
After completed the configuration of .bat file you can schedule a job to run in non working hours or at specific time.
To do that please refer at the link below:
–> Create Windows Task Scheduler and schedule to run bat file. <–