This script forces every user who does NOT belong to the Administrators group (i.e. who has not been given administrative privilege) to change their password at the next logon.
Note: Run as System User.
#To define a particular parameter, replace the 'parameterName' inside itsm.getParameter('parameterName') with that parameter's name
import os
import platform
import subprocess
from subprocess import PIPE, Popen
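# Force every local account that is NOT a member of the local Administrators
# group to change its password at next logon, then log the session off.
#
# Hardening relative to the earlier revision of this script:
#   * Commands run as argument lists with shell=False, so an account name is
#     never interpreted by cmd.exe.
#   * Command output is parsed in memory. The earlier version staged it in
#     users.txt / adminusers.txt under %PROGRAMDATA%\temp (or the system drive
#     root) and read it back, which left an on-disk intermediate that decides
#     which accounts a SYSTEM-level process modifies.
#   * If either enumeration fails, nothing is changed. An empty or failed
#     Administrators listing would otherwise make every account, including
#     the administrators, look like a standard user.
#   * Success is judged by exit status, not only by "stdout was non-empty".
#
# NOTE(review): wmic/net/shutdown are still resolved through the normal
# search path; pinning them to the system directory would be a further
# hardening step for a script that runs as SYSTEM.

# Rows of `wmic useraccount get name` that are never targeted: the column
# header, the built-in DefaultAccount and the built-in Administrator.
# Compared as whole names (case-insensitive) so that an unrelated account
# whose name merely contains one of these words is not silently exempted.
_WMIC_SKIP = ('name', 'defaultaccount', 'administrator')

# Prefixes of the non-member lines printed by `net localgroup Administrators`.
# NOTE(review): these match the English-language output only.
_NET_NOISE = ('Alias', 'Comment', 'Members', '-', 'The command')


def _run(args):
    """Run *args* without a shell and return (returncode, stdout, stderr)."""
    try:
        proc = subprocess.Popen(args, shell=False,
                                stdout=subprocess.PIPE,
                                stderr=subprocess.PIPE,
                                universal_newlines=True)
    except OSError as exc:
        # Executable missing or not launchable: report it as a failed command
        # instead of aborting with a traceback.
        return 1, '', str(exc)
    out, err = proc.communicate()
    return proc.returncode, out or '', err or ''


def _local_accounts(wmic_output):
    """Return the account names listed by `wmic useraccount get name`."""
    names = []
    for raw in wmic_output.splitlines():
        name = raw.strip()
        if name and name.lower() not in _WMIC_SKIP:
            names.append(name)
    return names


def _admin_members(net_output):
    """Return the lower-cased members listed by `net localgroup Administrators`."""
    members = set()
    for raw in net_output.splitlines():
        entry = raw.strip()
        if entry and not entry.startswith(_NET_NOISE):
            members.add(entry.lower())
    return members


def _force_password_change(name):
    """Mark *name* so that the password must be changed at next logon."""
    expire_cmd = ['wmic', 'UserAccount', 'where', "Name='%s'" % name,
                  'set', 'PasswordExpires=True']
    logon_cmd = ['net', 'user', name, '/logonpasswordchg:yes']
    print(' '.join(expire_cmd))
    print(' '.join(logon_cmd))

    code, out, err = _run(expire_cmd)
    ok = code == 0 and bool(out.strip())
    detail = err or out

    # The earlier revision skipped `net user ... /logonpasswordchg` when
    # platform.release() reports "XP"; that rule is kept as is.
    if platform.release() != "XP":
        code1, out1, err1 = _run(logon_cmd)
        if not (code1 == 0 and out1.strip()):
            ok = False
            detail = detail if (err or not (err1 or out1)) else (err1 or out1)

    if ok:
        # Message text kept from the earlier revision; what actually happened
        # is that the account was flagged for a change at next logon.
        print("Password changed successfully for the user : " + name)
    else:
        print(detail)


def _main():
    code, users_out, users_err = _run(['wmic', 'useraccount', 'get', 'name'])
    if code != 0 or not users_out.strip():
        print(users_err or "Could not enumerate local accounts; no changes made")
        return

    code, admins_out, admins_err = _run(['net', 'localgroup', 'Administrators'])
    admins = _admin_members(admins_out)
    if code != 0 or not admins:
        # Fail closed: without a trustworthy administrator list the script
        # cannot tell which accounts are exempt.
        print(admins_err or "Could not enumerate Administrators; no changes made")
        return

    for name in _local_accounts(users_out):
        if name.lower() in admins:
            continue
        if "'" in name or '\\' in name:
            # The name is embedded in a quoted WMIC where-clause; refuse names
            # that could break out of the quotes rather than guess at escaping.
            print("Skipping account with characters unsafe for the where clause: " + name)
            continue
        _force_password_change(name)

    print("Logging out of the Machine to apply changes")
    _run(['shutdown.exe', '-L'])


_main()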