Thursday, August 6, 2009

Resetting Computer Account Passwords

I was trying to tell from a workstation point of view when the computer account password was last set. I'm sure this information is stored locally somewhere, but in the end it was easier to query the AD and find when the password for the computer account was last set.

This is used for Virtual Machine templates - we use nltest to reset the computer account password, such that we can maintain a single template image and turn it on periodically for updates without having to rejoin to the domain because of mismatched computer accounts.

Forcefully reset the computer account password:



nltest /SC_CHANGE_PWD:%domain%


Query the workstation in the domain and find when the password was last set - returns the number of 100 nanosecond intervals since 01/01/1601.



dsquery computer -name ws01
dsquery * "CN=ws01,OU=Computers,DC=domain,DC=com" -attr pwdlastset
pwdlastset
128934012123005000


Use PowerShell to convert the number to a human readable date format:



powershell [datetime]::FromFileTime(128934012123005000)

Thursday, 30 July 2009 2:20:12 PM


Use w32tm to convert the number to a human readable date format:



w32tm /ntte 128934012123005000

149229 04:20:12.3005000 - 30/07/2009 2:20:12 PM


Use VBScript to convert the number to a human readable date format:



cscript ConvertFileTime.vbs 128934012123005000

30/07/2009 2:20:12 PM


' ConvertFileTime.vbs
' VBScript doesn't support 64-bit integers, so it can't handle the number of 100 nanosecond intervals since 01/01/1601
' http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnclinic/html/scripting09102002.asp

' Either use ADSI provider and the IADs/IADsLargeInteger object
' LargeIntValue = objLargeInt.HighPart * 2^32 + objLargeInt.LowPart

' http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adsi/adsi/iadslargeinteger.asp'
' Or WMI, which handles the conversion between 64-bit datetime structure / UTC / and VB var datetime

If Wscript.Arguments.UnNamed.Count > 0 Then 
        strDateTime = Wscript.Arguments.UnNamed(0)
        Set objDateTime = CreateObject("WbemScripting.SWbemDateTime")
        If IsDate(strDateTime) Then
                Call objDateTime.SetVarDate(strDateTime, False)
                wscript.echo objDateTime.GetFileTime
        Else
                Call objDateTime.SetFileTime(strDateTime, False)
                wscript.echo objDateTime.GetVarDate
        End If
        intReturn = 0
Else
        WScript.Echo "Specify a filetime or a date to convert, eg 127076450620627215, or ""11/04/2006 11:17:10 AM"""
        intReturn = 2
End If
WScript.Quit(intReturn)

Wayne's World of IT (WWoIT), Copyright 2009 Wayne Martin. 
at

No comments:

Post a Comment