Script to Verify Local administrator credential

One of our client came with very strange requirement. Their Security Policy is to change local administrator password for every 2 months, it should be different for all servers, they have to maintain excel sheet and send it to the Manager. Manager want to verify whether password has changed for all servers and it is according to the excel sheet which is sent to him. There are some hundreds of servers, so they want simple script which will do it for them.

We came with solution which uses PsTools to do this task. PsTools is the Microsoft toolkit which provide bunch of tool to do different task on the remote system. We used PsExec which can be used execute the command on remote system.

We got excel sheet format given below-

Sr.No	Server Name	IP	Type	Domain	Local Admin Name	Password	Remarks
1	Server01	10.20.10.56	Physical	Test.com	$local$	G8NLoc@adm1n	Completed

We have use this information to build our excel sheet in below format, in last cell we use concatenate function of Microsoft Office Excel to combine all cell into one.

Command: psexec \\Server01 -u $local$ -p G8NLoc@adm1n hostname >> hostname.txt

PsExec will execute hostname command on remote system Server01, will use –u switch for username and –p for password & save the result in text file. If user name or password is correct command will execute and result (Hostname) will store in txt file, if it does not match, it will fail to execute command, which means provided credential is wrong.

Download PsTools from Microsoft site here, unzip it in ‘C:\Windows\System32\’. Copy the concatenate output and paste it in notepad, rename it as Verify.bat and execute the same.

Finally, we just need to use vlookup function of Microsoft Office Excel to find out servers which is not listed in hostname.txt.