Keep Administrators from being Locked out of Machines
Novell Cool Solutions: Trench
By Leonard Zebrowski
Posted: 2 May 2003
We had a problem with multiple machine images with different, and sometimes forgotten, local administrator account passwords. Also, some of our users with local admin rights occasionally change the password on the Administrator or backdoor accounts, locking us out of the machines.
I wrote a simple ZEN Script to install a service on all machines so that, every time a machine is rebooted, the chosen accounts' passwords are reset. When necessary I can change the passwords by pushing down a new file. This is how I did it:
Note: all the files used in this solution are available in the zip file below, under Download.
I wrote a batch file called reset.bat with the following commands:
rem Set known passwords on the local Administrator and backdoor accounts
net user administrator <password>
net user <backdoor> <password>
net user <backdoor1> <password>
I used a Bat2Exec program to convert reset.bat to reset.com to encrypt the file for security.
I wrote a simple ZEN package to:
- Copy reset.com to C:\Winnt\System32
- Copy srvany.exe to C:\Winnt\System32 (from NT Resource kit)
- Install the following registry keys
REGEDIT4

; Type 0x10 = own-process Win32 service, Start 2 = automatic (runs at boot)
; ImagePath decodes to C:\Winnt\System32\Srvany.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PWReset]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):43,3a,5c,57,69,6e,6e,74,5c,53,79,73,74,65,6d,33,32,5c,53,72,\
  76,61,6e,79,2e,65,78,65,00
"DisplayName"="PWReset"
"ObjectName"="LocalSystem"

; srvany.exe launches the program named in Application
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PWReset\Parameters]
"Application"="C:\\Winnt\\System32\\reset.com"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PWReset\Security]
"Security"=hex:01,00,14,80,c0,00,00,00,cc,00,00,00,14,00,00,00,34,00,00,00,02,\
  00,20,00,01,00,00,00,02,80,18,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,20,02,00,00,02,00,8c,00,05,00,00,00,00,00,18,00,8d,01,02,00,01,01,00,\
  00,00,00,00,01,00,00,00,00,74,00,73,00,00,00,1c,00,fd,01,02,00,01,02,00,00,\
  00,00,00,05,20,00,00,00,23,02,00,00,76,00,63,00,00,00,1c,00,ff,01,0f,00,01,\
  02,00,00,00,00,00,05,20,00,00,00,20,02,00,00,76,00,63,00,00,00,1c,00,ff,01,\
  0f,00,01,02,00,00,00,00,00,05,20,00,00,00,25,02,00,00,76,00,63,00,00,00,18,\
  00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,25,02,00,00,01,01,00,00,\
  00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PWReset\Enum]
"0"="Root\\LEGACY_PWRESET\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001
Every time the machine reboots all passwords included within reset.com are standardized. Anytime I need to change the passwords I rewrite reset.com and push the new file out using ZEN.
This works on both NT 4 and 2000 machines.
Here is everything I use, with the exception of the "real" reset.bat/com file - the file included will reset only the administrator password to password.
If you have any questions you may contact Leonard at email@example.com