Change password for remote machine User Account that has "current password = empty"

StackOverflow https://stackoverflow.com/questions/16717032

Question

I want to change the password for remote machine's user account.

I'm doing this way:

PrincipalContext context = new PrincipalContext(ContextType.Machine, "xxx.xxx.xxx.xxx" /*Remote machine IP address*/, "RemoteAdminUserName", "RemoteAdminPassword");
UserPrincipal user = (UserPrincipal.FindByIdentity(context, "RemoteAdminUserName"));
user.SetPassword("RemoteAdminNewPassword");
user.Save();

This code works correctly, except when I try to set the password to accounts with empty old password. In that case, I have the following exception in UserPrincipal.FindByIdentity

System.Runtime.InteropServices.COMException was unhandled Message=Access is denied.

Source=System.DirectoryServices ErrorCode=-2147024891 StackTrace: at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.RefreshCache() at System.DirectoryServices.AccountManagement.PrincipalContext.DoMachineInit() at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize() at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx() at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue) InnerException:

Are there some restrictions to use PrincipalContext with account without password protection? How can I set a password for a remote machine user account that doesn't have any current password set?

Was it helpful?

Solution

There is a restriction to log on to accounts with blank passwords remotely.

You you to run the script locally to change the password but you can run the "local" script with psexec.

Solution:

1) write a script that changes the password for local user

2) run the script from your remote computer with psexec

The remote computer must have an administrative user account with a password or you cannot login remotely.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top