Thursday, September 30, 2010

Reset Passwords for all User Accounts in an OU

I realise that there's plenty of scripts floating around the net that already do this, but for me this was simply an exercise.

Note: I haven't gotten around to testing it yet.

' PasswordReset.vbs
' Resets all passwords within an AD Container
' Version 1.0
' 27 September 2010

Option Explicit
Dim objRootDSE, objOU, objUser
Dim strTargetOU, strForceReset, strEnAcct, strDNSDomain, strNewPass
Dim intCounter, intUACval, intPWLval

' Change strTargetOU to location of user accounts
strTargetOU = "MyContainer"

' Change strNewPass to the new password
strNewPass = "Password123"

' Change strForceReset to "Yes" in order to force users to reset passwords
strForceReset = "No"

' Change strEnAcct to "Yes" in order to enable disabled accounts
strEnAcct = "No"

' Int Values 
' See Microsoft KB305144 for UserAccountControl values
' Setting PwdLastSet value to 0 forces password reset
intUACval = 544
intPWLval = 0
intCounter = 0

Set objRootDSE = GetObject("LDAP://RootDSE") 
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strTargetOU = "OU=" & strTargetOU & ", " & strDNSDomain
set objOU =GetObject("LDAP://" & strTargetOU )

For each objUser in objOU
If objUser.class="user" then
objUser.SetPassword strNewPass

If strForceReset="Yes"
objUser.Put "pwdLastSet", intPWLval
End if
If strEnAcct="Yes"
objUser.Put "userAccountControl", intUACval
End if

intCounter = intCounter +1
End if

WScript.Echo "New Password: " & strNewPass & vbCr & "Accounts changed: " & intCounter _
  & vbCr & "Password Change Forced: " & strForceReset & vbCr & "Disabled Accounts Enabled: " & strEnAcct

Tuesday, September 7, 2010

SCCM: Excluding a directory structure from being inventoried.

A colleague asked me today how to exclude a directory structure on a single client machine from being inventoried by SCCM. The answer is to create a hidden sparse text file named skpswi.dat in the folder.

Thanks Tyriax for the question!

Wednesday, September 1, 2010

Office Autosave Locations

I always thought that the autosave for an Office file was created in the same location as the file. It turns out that this was because I almost always work with Office files on network drives.

When a new file is started a temporary file is created. This can be either in the windows temp directory, in "C:\ Documents and Settings\<username>\Application Data\Microsoft". If the file is stored on a network drive then it will be temporarily created there.

This temporary file will have a few different letters after the tilde (or squiggly line “ ~”) . These are good ones to look for to find some lost info. There are others, but these are the ones most likely to contain data that can be recovered.