Rename and set password for local admin using configmgr #rdproud


 

Hello,

As you all know 🙂 -> Modification of local user password no longer possible using preference. When did this happen ?

You can find additional info here https://support.microsoft.com/en-us/kb/2962486

Solution could be to reuse a sccm task sequence in order to rename the local admin and set the password.

We will use a task sequence variable as the password that should be applied.

We’ll create a powershell script.

# Change_passwords.ps1

#

#

# Author = Gino D’hoker

#

# Will be used in SCCM task sequence for renaming and setting password of local admin

# requires task sequence variable named vPassword with the required password

#

#

# Version 1.0

$computerName = $env:COMPUTERNAME

$computer = [ADSI] “WinNT://$computerName,Computer”

foreach ( $childObject in $computer.Children ) {

# Skip objects that are not users.

if ( $childObject.Class -ne “User” ) {

continue

}

$type = “System.Security.Principal.SecurityIdentifier”

#CALLOUT A

$childObjectSID = new-object $type($childObject.objectSid[0],0)

#END CALLOUT A

if ( $childObjectSID.Value.EndsWith(“-500”) ) {

“Local Administrator account name: $($childObject.Name[0])”

“Local Administrator account SID: $($childObjectSID.Value)”

$username = $($childObject.Name[0])

break

}

}

$tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment

$strPassword = $tsenv.Value(“vPassword”)

$user = [ADSI]”WinNT://./$username”

$user.psbase.rename(“xxx.localadmin”)

$user.SetPassword($strPassword)

clip_image002

Now create a task sequence in order to deploy the task.

First create the required variable

clip_image004

Second run a posh script

clip_image006

Now deploy in on a scheduled base

clip_image008

And you have a worthy replacement of your preference !

clip_image010

Enjoy.

Gino D

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s