function Check-AdminPassword(){
$LocalAdministrator
= "Administrator"
$PasswordToTest
= ""
$Computer
= Hostname
$LdapFilter
= "(&(objectCategory=Computer)(name=$Computer*))"
$Searcher
= New-Object
System.DirectoryServices.DirectorySearcher($Null, $LdapFilter)
$Searcher.PageSize =
1000
$PropertiesToLoad
= @("name")
$Searcher.PropertiesToLoad.AddRange($PropertiesToLoad)
$Results
= @()
$Searcher.FindAll() |
%{
# Variable that
can be accessed within the Trap
$Script:Exception
= $Null
# Capture any
error
Trap [Exception] {
$Script:Exception
= ($_.Exception.Message).Trim()
Continue;
}
# Test binding
to the Administrators group with the specified username and password
[Void](New-Object System.DirectoryServices.DirectoryEntry(`
"WinNT://$($_.Properties['name'])/Administrators,
group", `
"$($_.Properties['name'])\$LocalAdministrator", `
$PasswordToTest, 0)).PsBase.Get_Name()
# If no error
is returned the the bind suceeded with this password
If (!$Script:Exception)
{
Write-Host "[ ] Admin Password on $($_.Properties['name']) is Blank!!!"
} Else {
Write-Host "[X] Admin Password on $($_.Properties['name']) is set"
#Write-Host
"$($_.Properties['name']): Error binding - $($Script:Exception)"
}
}
}
# I am sure I copied most this script form someplace, but not sure where.
No comments:
Post a Comment