Yeah well, our parent org. in all of it's infinite wisdom says that each LAdmin password must be unique so to make this easy, dynamic, and constantly secure, we're going to run the script in GPO startup to change every the computer reboots, it resets it's LAdmin pw. I'm having a slight problem though with my new implementation; sometimes the password generated by "net user" doesn't meet our password complexity requirements. To try and account for this, I'd like to be able to re-run the loop that sets the password but am having problems doing so. Anyone have any ideas?
Code:
$server = "\\GJLK2W3DS101\Logging\"
$folder = "Local_Admin_Password_Log\"
$comp = @WKSTA
$rc = WshPipe("%COMSPEC% /e:1024 /c net user wsadmin /random /passwordchg:yes")
$y = 0
:RepeatLoop
for each $line in $rc
if instr($line, "Password for")
while $y = 0
if exist($server+$folder+$comp+".log") = 1
del $server+$folder+$comp+".log"
endif
if Open(5,$server+$folder+$comp+".log",5) = 0
$line = substr($line,26,len($line))
$temp = WriteLine(5,"$comp,$line,"+@TIME+","+@DATE+@CRLF)
$ = Close(5)
$y = 1
else
$y = 0
Sleep 1
endif
loop
endif
if instr($line, "The password does not meet the password policy requirements")
GoTo RepeatLoop
endif
next
