Local Administrator password rename and change

This topic contains 4 replies, has 4 voices, and was last updated by Profile photo of Mark Mark 12 months ago.

  • Author
  • #31329
    Profile photo of vcloudguy

    I am trying to run the powershell code below to rename the local administrator username and then set a password.

    The scipt runs successfully but is unable to rename the Administrator account or set the password. It just returns the error message from the code below

    Error Renaming Administrator Account on TestMachine2008
    Error When Setting Password TestMachine2008

    What am I doing wrong?

    $securePW = Read-Host -assecurestring "Please Enter The New Local Admin Password"
    $tempCred = New-Object System.Management.Automation.PSCredential("Temp",$securePW)
    $newcred = $tempCred.GetNetworkCredential()
    $userPW = $newcred.Password.ToString()
    $computers = @("TestMachine2008")

    foreach($computer in $computers) {
    if (test-connection -computername $computer -quiet) {
    try {
    $WinNTPath = "WinNT://" + $computer + "/Administrator,User"
    $localAdmin = [ADSI]$WinNTPath
    try {
    Write-Host "Successfully Renamed Administrator Account on " $computer
    catch {
    Write-Host "Error Renaming Administrator Account on " $computer
    Write-Host "Successfully Set Password on " $computer
    catch {
    Write-Host "Error When Setting Password " $computer
    else {
    Write-Host "Ping Failed to" $computer

  • #31347
    Profile photo of Christian Sandfeld
    Christian Sandfeld

    My best guess would be that what you are trying to do, require elevated priviledges, and you are not running PowerShell as admininstrator. However it is impossible to know the cause of the error, from what you have provided above. In the code you have posted, you are effectively hiding the real error messages in your Try/Catch blocks.

  • #31352
    Profile photo of Mark

    Try commenting out the Try & Catch statements.

    Run the script and you should error out with enough details to identify and troubleshoot the error.

  • #31394
    Profile photo of Mike Eyler
    Mike Eyler

    Use a GPO 🙂

  • #31411
    Profile photo of Mark

    Microsoft has phased out/disabled the ability to set local account passwords via GPO. Apparently, the method used to store passwords in the Preferences of a GPO is not secure.

    There's a security bulletin MS14-025 for it.

    There are some workarounds in the article which may be of help.

You must be logged in to reply to this topic.