Scripting : Question: Removing laptop system password via script

Question: Removing laptop system password via script

I am trying to create a VBScript that when it runs would remove the system (Power-on) password on our companies laptops without any interaction from the user.

CCTK (Dell Configuration Tool Kit) has been installed on each of the laptops and I have created the below code so far.

------------------------------------------------------------------------------

DIM WshShell
Set WshShell = CreateObject("Wscript.Shell")
Set WshNetwork = CreateObject("Wscript.Network")
strComputer = WshNetwork.ComputerName

password=strComputer
password=Replace(password,"Value1","Value2")

DIM aParm(2)

sCmd="C:\Program Files\Dell\CCTK\X86\cctk.exe"
aParm(1)="--syspwd= --valsyspws="
aParm(2)=password

wscript.echo sCmd & Join(aParm)

------------------------------------------------------------------------------

I am needing it to run the following command 'C:\Program Files\Dell\CCTK\X86\cctk.exe --syspwd= --valsyspws=<PASSWORD>

The script above, when I output to messagebox has a space before the <PASSWORD> value so the whole aParm section might not be any use.

Can anyone recommend the line, or two, needed to get this VBScript working?

Cheers

0 Comments [ + ] Show comments

Answers (2)

Answer Summary:

Posted by: SMal.tmcc 11 years ago

You can create a k1000 script running the net.exe command found in c:\windows\system32 or create a batch file and run it. Either way you need 3 lines of code to do this

net user administrator /delete

net user administrator /add /active:yes /passwordreq:no

net localgroup administrators /add administrator

Comments:

Recommended - create another local user who is an admin for this purpose and set autologin in the registry to this user

net user ituser /add /active:yes /passwordreq:no

net localgroup administrators /add ituser - SMal.tmcc 11 years ago
- I agree with this. Since they are different passwords you would either need to get them all the same, or create new.
  
  http://support.microsoft.com/kb/315231
  
  http://www.petri.co.il/configuring_autologon.htm - dugullett 11 years ago
I just realised I typed logon when I meant power on, sorry.

Its the System password that is setup in BIOS for when the laptop is initially powered on that we are needing removed.

I am looking at commands with the CCTK which might do the job but will probably still need some script to automate the process. - Dedge77 11 years ago
you can do this thru the cctk I use this command on the k1000.

"c:\program files\dell\cctk\x86\cctk.exe" --setuppwd=<new-password> --valsetuppwd=<old-password>

Description
Sets the system password. An argument is required. The password cannot be reported. Initially you can set the password using cctk. If you want to remove the password, provide one blank space and old password.

Example
A:>cctk --syspwd=<password> --valsyspwd=<old-password>

http://support.dell.com/support/edocs/SOFTWARE/smcctk/1.0/ug/html/cctkugcd.htm - SMal.tmcc 11 years ago
- I have tested the following command which worked
  
  cctk --syspwd= --valsyspwd=<old-password>
  
  Now I only have to
  1. Install CCTK on all our laptops.
  2. Write a script that will take the COMPUTERNAME replace some of that value and export that value to use in the 'old-password' command.
  3. Ask my boss for some training in VBScript..... - Dedge77 11 years ago
  - here is the vbscript Kace uses to get computer name.
    
    Set fso = CreateObject("Scripting.FileSystemObject")
    Set diskDrives = fso.Drives
    
    regFound = False
    'Search through fixed drives (Drivetype = 2) for required registry file.
    For Each drive In diskDrives
    If (drive.DriveType = 2) and fso.FileExists(drive.DriveLetter & ":\WINDOWS\System32\Config\SYSTEM") Then
    systemDrive = drive.DriveLetter
    regFound = True
    exit for
    End If
    NEXT
    
    'Registry not found
    If regFound = False Then
    WScript.Quit
    End If
    
    'Get the computer name from the registry
    Set wshShell = CreateObject("WScript.Shell")
    Set execStatus = wshShell.Exec("reg load HKLM\TEMP_SYSTEM " & systemDrive & ":\WINDOWS\System32\Config\SYSTEM")
    'Wait for registry to load completely (max 10 seconds)
    count = 0
    Do While (count < 10) and execStatus.Status = 0
    WScript.Sleep 1000
    count = count + 1
    Loop
    If execStatus.Status = 0 Then
    WScript.Quit
    End If
    regKeyCompName = "HKLM\TEMP_SYSTEM\ControlSet001\Control\ComputerName\ComputerName\ComputerName"
    compName = wshShell.RegRead(regKeyCompName)
    WshShell.Exec("reg unload HKLM\TEMP_SYSTEM")
    WScript.Sleep 1000
    
    'Dump the computer name into a file named as the mac address inside T:
    If fso.DriveExists("T:") then
    'Get mac adress
    Set objSysEnv = wshShell.Environment("PROCESS")
    macAddress = objSysEnv("MAC_ADDRESS")
    Set compNameFile = fso.CreateTextFile("T:\" & macAddress, True)
    Else
    usbDrive = fso.GetDriveName(wscript.ScriptFullName)
    Set compNameFile = fso.CreateTextFile(usbDrive & "\KACE\ComputerName", True)
    End If
    compNameFile.WriteLine(compName)
    compNameFile.Close - SMal.tmcc 11 years ago
  - It wont allow me to reply to your code below.
    
    Here is the vbscript I created:-
    ----------------------------------------------------------------------------
    DIM WshShell
    Set WshShell = CreateObject("Wscript.Shell")
    Set WshNetwork = CreateObject("Wscript.Network")
    strComputer = WshNetwork.ComputerName
    
    password=strComputer
    password=Replace(password,"Value1","Value2")
    ----------------------------------------------------------------------------
    pretty basic I know but it gives me the string 'password' which then contains what I need.
    
    My next step is adding a line to that script which will run the CCTK with the following line -> cscript "c:\program files\dell\cctk\x86\cctk.exe" --syspwd= --valsyspwd=<PASSWORD>
    
    Thanks for all the help SMal.tmcc. - Dedge77 11 years ago
I think you may be able to use other commands like:

--passwordbypass
Valid Argument
off, reboot bypass, resumebypass, rebootandresume bypass

Description
Sets the password bypass feature.

--pwdlock
Valid Argument
locked, unlocked

Description
Controls the ability to set the system password. If the password is locked, it cannot be changed. The locked argument locks the current state of the system password. If a system password has been set, it cannot be removed. If a system password has not been set, it cannot be set. On specific BIOS settings, this feature does not work. Refer to the BIOS documentation for more information. - SMal.tmcc 11 years ago
If you have 20 laptops with a slightly different password you can create a batch file with 20 lines in it and vary the --valsetuppwd value on each line. the laptop will ignore the lines with the wrong --valsetuppwd entry and only respond to the one correct line. that way you can use one batch file for all machines. otherwise you would have to create a k1000 script and change it for every machine and do a single run now on the proper target machine - SMal.tmcc 11 years ago
- Interesting, didn't know it would continue past all incorrect lines.
  
  The tag numbers in the computer name is also in the system password just the characters in front are different.
  
  I was trying to get a string that would get the computer name then replace the characters and output that into a value to use. So far I have got the computername, the replace function doesnt seem to be working properly though.
  
  The batch file sounds good but there might be a case of someone accidentally setting a password in the future, would need this script to work under those conditions. - Dedge77 11 years ago
  - we ran into that, for a while we had 4 different pw's for the setup pwd, I ran a script with all 4 values in it to get them all to the same pw. - SMal.tmcc 11 years ago
we use the set up pwd not the sys pwd to keep people out of the bios. they also cannot put a boot pw on without knowing the setuppwd. If you do not have the cctk on these machines you can either compile the script into an exe on a machine with it installed or place the files on a server share and connect and run from there.

--setuppwd - SMal.tmcc 11 years ago
should be
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run ("c:\program files\dell\cctk\x86\cctk.exe --syspwd= --valsyspwd=PASSWORD")

http://www.vistax64.com/vb-script/174635-running-executable-within-vbscript.html
http://social.technet.microsoft.com/Forums/nb-NO/ITCG/thread/185f3ce6-6e30-459f-8786-2ae4ce7bcb54
https://groups.google.com/forum/?fromgroups#!topic/microsoft.public.scripting.vbscript/OmaGb30VJQs - SMal.tmcc 11 years ago
- Would that just go onto the end of the script even if I already have set WshShell in a previous line?
  
  Wouldn't the <PASSWORD> value have to be outwith the quotations and brackets? - Dedge77 11 years ago
  - not sure, but your new question should get you an answer, there are a couple of good vb scriptors on this site - SMal.tmcc 11 years ago

Posted by: Scott Smith 11 years ago

-1

One of your options may be psexec http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx

psexec \\workstation net user Joe /delete

there is also a password option for net user, to change the password

Comments:

that would delete the user joe - SMal.tmcc 11 years ago
that is correct, there is no option that I am aware of that would delete the passord (only change it). - Scott Smith 11 years ago

Answer this question

Posted by:

View more:

Scripting Questions

question