# encoding: ascii
# api: powershell
# title: Set-LocalUserPWD
# description: adaptation of script to set local admin password thru SCCM
# version: 0.1
# type: script
# author: chriskenis
# license: CC0
# x-poshcode-id: 5473
# x-archived: 2014-10-10T23:55:32
# x-published: 2014-10-01T06:13:00
#
# http://ccmexec.com/2012/06/generating-a-random-password-during-osd-and-save-it-in-sql/
#
[CmdletBinding()]
param(
$computername = $env:COMPUTERNAME,
#$username = "Administrator",
$username = (gwmi Win32_UserAccount -Filter "LocalAccount = True AND SID LIKE 'S-1-5-21-%-500'" -ComputerName $computerName | Select -First 1 ).Name,
$password,
[switch] $Test
)
process{
$VerbosePreference = "Continue"
if (-not $password){$password = GeneratePassword}
if (-not $test){
try{
([adsi]("WinNT://$($computerName)/$($username)")).SetPassword($password)
SaveToSCCMDB $computername $password
Write-Verbose "Password $password set for $username on $computername"
}
catch{
Write-Verbose "Error while setting password $password for $username on $computername"
}
}
else{
Write-Verbose "TEST: Password $password set for $username on $computername"
write-host "The generated password is $password"
}
}
begin{
#save verbosepreference to revert upon end of script
$script:verbosepref = $VerbosePreference
function GeneratePassword {
param(
[byte]$LowerCase = 4,
[byte]$UpperCase = 2,
[byte]$Numbers = 2,
[byte]$Specials = 0,
[switch]$AvoidAmbiguous = $true
)
if ($AvoidAmbiguous){
$arrLCase = "abcdefghijkmnpqrstuvwxyz".ToCharArray()
$arrUCase = "ABCDEFGHJKLMNPQRSTUVWXYZ".ToCharArray()
$arrNum = "23456789".ToCharArray()
$arrSpec = "!#$%&()*+,-./:;<=>?@[\]^_{}~".ToCharArray()
}
else{
$arrLCase = "abcdefghijklmnopqrstuvwxyz".ToCharArray()
$arrUCase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ".ToCharArray()
$arrNum = "1234567890".ToCharArray()
$arrSpec = "!#$%&()*+,-./:;<=>?@[\]^_{}~|".ToCharArray()
}
$aCharacters = @()
#Selects Lower Case Characters
if ($LowerCase -gt 0){$aCharacters += $arrLCase | get-random -count $LowerCase}
#Selects Upper Case Characters
if ($UpperCase -gt 0){$aCharacters += $arrUCase | get-random -count $UpperCase}
#Selects Numerical Characters
if ($Numbers -gt 0){$aCharacters += $arrNum | get-random -count $Numbers}
#Selects Special Characters
if ($Specials -gt 0){$aCharacters += $arrSpec | get-random -count $Specials}
#Randomize characters and return as string
$result = [string]::join("", $($aCharacters | get-random -count $aCharacters.length))
Write-Verbose "generated password = $result"
return $result
}# end function
function SaveToSCCMDB ($computername,$password){
try{
$conn = New-Object System.Data.SqlClient.SqlConnection("Server=sccmsql.domain.com; Database=LocalPwd; User Id=lpwd;Password=hiddenpwd;")
$conn.Open()
$cmd = $conn.CreateCommand()
#call custom stored procedure with 2 parameters
$cmd.CommandText = "EXEC [dbo].[SetLocalAdminPassword] @ComputerName = N'$computername', @Password = N'$password'"
$cmd.ExecuteNonQuery()
$conn.Close()
}
catch{}
}
}#end begin
end{
$VerbosePreference = $script:verbosepref
}