Below is a quick and dirty perl script to do it to
give the perl viewpoint for anyone wondering, hey how do I do this in perl.
:o)
You will feed it the following command line
args
input file name. This is a file which one id per line like
joe\joeuser
output file name. This is where you want details
sent
base pwd length. How long is the shortest password?
(i.e. min password length)
random pwd length. How many possible random characters to
add to base (i.e. max password length)
You only have to feed it input file name and it will dump
to console and use defaults of 8 and 6 for the other options.
Note the password character sets are manipulated down in
the GeneratePassword routine.
The default sets are
@sets[0]="abcdefghijkmnpqrstuvwxyz";
@sets[1]="ABCDEFGHJKLMNPQRSTUVWXYZ";
@sets[2]="23456789";
@sets[3]="-+~*%$#!";
@sets[1]="ABCDEFGHJKLMNPQRSTUVWXYZ";
@sets[2]="23456789";
@sets[3]="-+~*%$#!";
The script will build a password (length allowing) of at
least one character from every set. It will then take and randomly pick from the
sets and add new characters until it reaches the specified password length. You
can remove sets if you would like. Say you don't want set 3, you simply delete
that line or comment it. If you don't want set 0, delete or comment it and
renumber the other sets.
Note that I do not use lowercase l (ell) and the number 1
(one). This is because they can be confused in many fonts.
If you wanted all IDs to have a password length of 6 you
would do something like
bulkpwdrst infile outfile 6 0
Here is an example run....
___TEST.TXT___
joe\joeuse
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
joe\joeuser
___SCREEN SHOT___
[Thu 05/27/2004
10:56:55.90]
F:\DEV\Perl\PwdRst>bulkpwdrst test.txt test.out
F:\DEV\Perl\PwdRst>bulkpwdrst test.txt test.out
BulkPwdRst V01.00.00pl Joe Richards
([EMAIL PROTECTED]) May 2004
Password BaseLength: 8
Password MaxLength : 14
Processing joe\joeuse...
ERROR: Couldn't translate joe\joeuse
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Password MaxLength : 14
Processing joe\joeuse...
ERROR: Couldn't translate joe\joeuse
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
Processing joe\joeuser...
[Thu 05/27/2004
10:57:00.80]
F:\DEV\Perl\PwdRst>
F:\DEV\Perl\PwdRst>
___TEST.OUT___
ERROR: Couldn't translate joe\joeuse
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to gA8*8j7-L+E29
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to qL5**2yRa3
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to gR7!2C66N79f
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to rW7%KHfkD!V
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to aZ4~wz7UF6~n3
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to rC5*iuUP
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to bR9+~wL!6*ec
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to sP2%T!*7*
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to gA8*8j7-L+E29
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to qL5**2yRa3
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to gR7!2C66N79f
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to rW7%KHfkD!V
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to aZ4~wz7UF6~n3
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to rC5*iuUP
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to bR9+~wL!6*ec
Resetting joe\joeuser (CN=joeuser,CN=Users,DC=joe,DC=com) to sP2%T!*7*
#****************************************************************************************
#* BulkPwdRst *
#*======================================================================================*
#* Author : Joe Richards ([EMAIL PROTECTED]) *
#* Version: V01.01.00 *
#* Modification History: *
#* V01.00.00 2004.05.27 joe Original Version *
#*--------------------------------------------------------------------------------------*
#* This file is a PERL script that resets passwords. *
#*--------------------------------------------------------------------------------------*
#* Notes: *
#****************************************************************************************
#****************************************************************************************
#* BulkPwdRst *
#*======================================================================================*
#* Author : Joe Richards ([EMAIL PROTECTED]) *
#* Version: V01.01.00 *
#* Modification History: *
#* V01.00.00 2004.05.27 joe Original Version *
#*--------------------------------------------------------------------------------------*
#* This file is a PERL script that resets passwords. *
#*--------------------------------------------------------------------------------------*
#* Notes: *
#****************************************************************************************
#****************************************************************************************
use Win32::OLE;
use Win32::OLE::Enum;
$infile=shift;
$outfile=shift;
$baselength=(shift or 8);
$randlength=(shift or 6);
$quiet=0;
$randinit=0;
$randinit=0;
print
"\nBulkPwdRst V01.00.00pl Joe Richards ([EMAIL PROTECTED]) May
2004\n\n";
if (!$infile)
{DisplayUsage()};
open ifh,"<$infile" or die("ERROR: Couldn't open input file: $infile - $!\n");
open ifh,"<$infile" or die("ERROR: Couldn't open input file: $infile - $!\n");
print "Password
BaseLength: $baselength\n";
print "Password MaxLength : ",$baselength+$randlength,"\n";
if (!$outfile)
{
print "Writing output to Console...\n";
$outfile=">>CON:";
$quiet=1;
}
else {$outfile=">$outfile"};
print "Password MaxLength : ",$baselength+$randlength,"\n";
if (!$outfile)
{
print "Writing output to Console...\n";
$outfile=">>CON:";
$quiet=1;
}
else {$outfile=">$outfile"};
open
ofh,"$outfile" or die("Error: Couldn't open output file: $outfile -
$!\n");
foreach $thisid
(<ifh>)
{
chomp $thisid;
next unless $thisid;
if (!$quiet) {print "Processing $thisid...\n"};
$userdn=TranslateNT4Name($thisid);
if (!$userdn)
{
if (!$quiet) {print "ERROR: Couldn't translate $thisid\n"};
print ofh "ERROR: Couldn't translate $thisid\n";
next;
}
$password=GeneratePassword($thisid, $baselength, $randlength);
print ofh "Resetting $thisid ($userdn) to $password\n";
$o=Win32::OLE->GetObject("LDAP://$userdn");
$lasterror = Win32::OLE->LastError();
if ($lasterror) {print ofh "$lasterror\n"}
else
{
$o->setpassword($password);
$lasterror = Win32::OLE->LastError();
if ($lasterror) {print ofh "$lasterror\n"}
}
}
{
chomp $thisid;
next unless $thisid;
if (!$quiet) {print "Processing $thisid...\n"};
$userdn=TranslateNT4Name($thisid);
if (!$userdn)
{
if (!$quiet) {print "ERROR: Couldn't translate $thisid\n"};
print ofh "ERROR: Couldn't translate $thisid\n";
next;
}
$password=GeneratePassword($thisid, $baselength, $randlength);
print ofh "Resetting $thisid ($userdn) to $password\n";
$o=Win32::OLE->GetObject("LDAP://$userdn");
$lasterror = Win32::OLE->LastError();
if ($lasterror) {print ofh "$lasterror\n"}
else
{
$o->setpassword($password);
$lasterror = Win32::OLE->LastError();
if ($lasterror) {print ofh "$lasterror\n"}
}
}
exit;
sub DisplayUsage
{
print "Usage: BulkPwdRst infile [outfile [baselength [randomlength]]]\n";
print " infile File with ids to reset, format domain\\userid\n";
print " outfile Where you want output\n";
print " baselength Shortest password length\n";
print " randomlength Random size to add to base\n";
exit;
}
sub InitRandom
{
srand();
srand(rand(10000));
$randinit=1;
}
#
# Generate random passwords of random length
# Will make password $baselength + random($randonlength) long
# @sets has character sets used, will have at least one character from each set
#
sub GeneratePassword
{
my $id=shift; # In case you want to use this for some aspect of pwd generation
my $baselength=shift;
my $randomlength=shift;
if (!$randinit) {InitRandom()};
my
@sets=();
@sets[0]="abcdefghijkmnpqrstuvwxyz";
@sets[1]="ABCDEFGHJKLMNPQRSTUVWXYZ";
@sets[2]="23456789";
@sets[3]="-+~*%$#!";
@sets[0]="abcdefghijkmnpqrstuvwxyz";
@sets[1]="ABCDEFGHJKLMNPQRSTUVWXYZ";
@sets[2]="23456789";
@sets[3]="-+~*%$#!";
for
$i(0..$numsets-1)
{
$setstring=$sets[$i];
$char=substr($sets[$i],rand(length($setstring)),1);
$password.=$char;
}
{
$setstring=$sets[$i];
$char=substr($sets[$i],rand(length($setstring)),1);
$password.=$char;
}
for
$i(1..$pwdlength-$numsets)
{
$set=rand($numsets);
$setstring=$sets[$set];
$char=substr($sets[$set],rand(length($setstring)),1);
$password.=$char;
}
return $password;
}
{
$set=rand($numsets);
$setstring=$sets[$set];
$char=substr($sets[$set],rand(length($setstring)),1);
$password.=$char;
}
return $password;
}
#
# Translate NT4 style name to DN
# Requires GC...
#
sub TranslateNT4Name
{
my $nt4name=shift;
my
$ADS_NAME_INITTYPE_SERVER=2;
my $ADS_NAME_INITTYPE_GC=3;
my $ADS_NAME_TYPE_1779=1;
my $ADS_NAME_TYPE_NT4=3;
my $ADS_NAME_INITTYPE_GC=3;
my $ADS_NAME_TYPE_1779=1;
my $ADS_NAME_TYPE_NT4=3;
my
$nto=Win32::OLE->CreateObject("NameTranslate");
$nto->Init($ADS_NAME_INITTYPE_GC,"");
$nto->set($ADS_NAME_TYPE_NT4,$nt4name);
my $dn=$nto->Get($ADS_NAME_TYPE_1779);
$nto="";
return $dn;
}
$nto->Init($ADS_NAME_INITTYPE_GC,"");
$nto->set($ADS_NAME_TYPE_NT4,$nt4name);
my $dn=$nto->Get($ADS_NAME_TYPE_1779);
$nto="";
return $dn;
}
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas M. Long
Sent: Monday, May 24, 2004 9:41 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Password set and enable account
Ok, so my task is to
generate random passwords and enable the accounts for 3200 users. The user
accounts and all attributes were first created with ldife, and I am now thinking
about using the dsmod utility to do accomplish the password set and account
enablement. I wish I knew vbs like you guys do, but I dont yet (this years
resolution). So here is what I have for the password generation
part:
Function Password_GenPass( nNoChars, sValidChars )
' nNoChars = length of generated password
' sValidChars = valid characters. If zerolength-string ( "" )then
' default is used: A-Z AND a-z AND 0-9
' nNoChars = length of generated password
' sValidChars = valid characters. If zerolength-string ( "" )then
' default is used: A-Z AND a-z AND 0-9
Const
szDefault =
"abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVXYZ0123456789"
Dim nCount
Dim sRet
Dim nNumber
Dim nLength
Dim nCount
Dim sRet
Dim nNumber
Dim nLength
Randomize 'init random
If
sValidChars = "" Then
sValidChars = szDefault
End If
nLength = Len( sValidChars )
sValidChars = szDefault
End If
nLength = Len( sValidChars )
For
nCount = 1 To nNoChars
nNumber = Int((nLength * Rnd) + 1)
sRet = sRet & Mid( sValidChars, nNumber, 1 )
Next
Password_GenPass = sRet
End Function
nNumber = Int((nLength * Rnd) + 1)
sRet = sRet & Mid( sValidChars, nNumber, 1 )
Next
Password_GenPass = sRet
End Function
WScript.Echo "Your password: " & Password_GenPass( 10, ""
)
What is my next
move? I am guessing I have to pass this password to a variable, instead of echo,
and then somehow pass that into the dsmod command, but as I already said, I dont
know vb script. Any help is highly appreciated.
