Vista Tutorial - Is ADSI encrypted?

01-17-2008

Hi!

I`m planning to use this script to reset local administrator-passwords on
remote computers:

$erroractionpreference = "SilentlyContinue"

$date = Get-Date

foreach ( $strComputer in get-content C:\ps-scripts\logs\servers.txt)
{

$ping = new-object System.Net.NetworkInformation.Ping

$Reply = $null
$Reply = $ping .send( $strComputer )

if ( $Reply .status -like 'Success' )
{

$admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user" )

$admin .psbase.invoke( "SetPassword" , "newpassword" )

Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value
"Administrator-password on $strComputer reset $date"

}

}

Are the ADSI-connection encrypted or do I need additional parameters for
this?

I tried resetting a password on a remote machine using this script while
running Wireshark. I didn`t find anything in the capture-log when searching
for "newpassword"...

--JER--

01-17-2008

It is encrypted via RPC.

The Server wouldn't allow you to reset it if it were from an unsecure connection.

Brandon Shell
---------------
Blog: http://www.bsonposh.com/
PSH Scripts Project: www.codeplex.com/psobject

j> Hi!
j>
j> I`m planning to use this script to reset local
j> administrator-passwords on remote computers:
j>
j> $erroractionpreference = "SilentlyContinue"
j>
j> $date = Get-Date
j>
j> foreach ( $strComputer in get-content C:\ps-scripts\logs\servers.txt)
j> {
j>
j> $ping = new-object System.Net.NetworkInformation.Ping
j>
j> $Reply = $null
j> $Reply = $ping .send( $strComputer )
j> if ( $Reply .status -like 'Success' )
j> {
j> $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user"
j> )
j>
j> $admin .psbase.invoke( "SetPassword" , "newpassword" )
j>
j> Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value
j> "Administrator-password on $strComputer reset $date"
j>
j> }
j>
j> }
j>
j> Are the ADSI-connection encrypted or do I need additional parameters
j> for this?
j>
j> I tried resetting a password on a remote machine using this script
j> while running Wireshark. I didn`t find anything in the capture-log
j> when searching for "newpassword"...
j>
j> --JER--
j>

01-18-2008

Thank you!

"Brandon Shell [MVP]" <a_bshell.mask@xxxxxx> skrev i melding
news:29d4f64638068ca2755f45f03f8@xxxxxx

Quote:

> It is encrypted via RPC.
>
> The Server wouldn't allow you to reset it if it were from an unsecure
> connection.
>
> Brandon Shell
> ---------------
> Blog: http://www.bsonposh.com/
> PSH Scripts Project: www.codeplex.com/psobject
>
> j> Hi!
> j> j> I`m planning to use this script to reset local
> j> administrator-passwords on remote computers:
> j> j> $erroractionpreference = "SilentlyContinue"
> j> j> $date = Get-Date
> j> j> foreach ( $strComputer in get-content
> C:\ps-scripts\logs\servers.txt)
> j> {
> j> j> $ping = new-object System.Net.NetworkInformation.Ping
> j> j> $Reply = $null
> j> $Reply = $ping .send( $strComputer )
> j> if ( $Reply .status -like 'Success' )
> j> {
> j> $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user"
> j> )
> j> j> $admin .psbase.invoke( "SetPassword" , "newpassword" )
> j> j> Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value
> j> "Administrator-password on $strComputer reset $date"
> j> j> }
> j> j> }
> j> j> Are the ADSI-connection encrypted or do I need additional parameters
> j> for this?
> j> j> I tried resetting a password on a remote machine using this script
> j> while running Wireshark. I didn`t find anything in the capture-log
> j> when searching for "newpassword"...
> j> j> --JER--
> j>
>

01-18-2008

Some more info here to help you trace what is going on. I assume (under the
covers) you are using NetUserSetInfo.

A Quote from "Joe Kaplan" DS MVP

"When ADSI uses LDAP, it will use port 636. Kerberos will use port 441 (the
special Kerb password protocol port)
and NetUserSetInfo or NetUserChangePassword will use RPC, so expect some
port 135 for the location part and then some negotiation of high range ports
after that."

"jer" <jer@xxxxxx> wrote in message
news:0A4C5BDA-B476-4107-B9B3-FD9B8E7235FB@xxxxxx

Quote:

> Thank you!
>
>
> "Brandon Shell [MVP]" <a_bshell.mask@xxxxxx> skrev i melding
> news:29d4f64638068ca2755f45f03f8@xxxxxx

Quote:

>> It is encrypted via RPC.
>>
>> The Server wouldn't allow you to reset it if it were from an unsecure
>> connection.
>>
>> Brandon Shell
>> ---------------
>> Blog: http://www.bsonposh.com/
>> PSH Scripts Project: www.codeplex.com/psobject
>>
>> j> Hi!
>> j> j> I`m planning to use this script to reset local
>> j> administrator-passwords on remote computers:
>> j> j> $erroractionpreference = "SilentlyContinue"
>> j> j> $date = Get-Date
>> j> j> foreach ( $strComputer in get-content
>> C:\ps-scripts\logs\servers.txt)
>> j> {
>> j> j> $ping = new-object System.Net.NetworkInformation.Ping
>> j> j> $Reply = $null
>> j> $Reply = $ping .send( $strComputer )
>> j> if ( $Reply .status -like 'Success' )
>> j> {
>> j> $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user"
>> j> )
>> j> j> $admin .psbase.invoke( "SetPassword" , "newpassword" )
>> j> j> Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value
>> j> "Administrator-password on $strComputer reset $date"
>> j> j> }
>> j> j> }
>> j> j> Are the ADSI-connection encrypted or do I need additional
>> parameters
>> j> for this?
>> j> j> I tried resetting a password on a remote machine using this script
>> j> while running Wireshark. I didn`t find anything in the capture-log
>> j> when searching for "newpassword"...
>> j> j> --JER--
>> j>
>>

>

01-17-2008	#1 (permalink)
jer Guest n/a posts	Is ADSI encrypted? Hi! I`m planning to use this script to reset local administrator-passwords on remote computers: $erroractionpreference = "SilentlyContinue" $date = Get-Date foreach ( $strComputer in get-content C:\ps-scripts\logs\servers.txt) { $ping = new-object System.Net.NetworkInformation.Ping $Reply = $null $Reply = $ping .send( $strComputer ) if ( $Reply .status -like 'Success' ) { $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user" ) $admin .psbase.invoke( "SetPassword" , "newpassword" ) Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value "Administrator-password on $strComputer reset $date" } } Are the ADSI-connection encrypted or do I need additional parameters for this? I tried resetting a password on a remote machine using this script while running Wireshark. I didn`t find anything in the capture-log when searching for "newpassword"... --JER--
My System Specs

01-17-2008	#2 (permalink)
Brandon Shell [MVP] Guest n/a posts	Re: Is ADSI encrypted? It is encrypted via RPC. The Server wouldn't allow you to reset it if it were from an unsecure connection. Brandon Shell --------------- Blog: http://www.bsonposh.com/ PSH Scripts Project: www.codeplex.com/psobject j> Hi! j> j> I`m planning to use this script to reset local j> administrator-passwords on remote computers: j> j> $erroractionpreference = "SilentlyContinue" j> j> $date = Get-Date j> j> foreach ( $strComputer in get-content C:\ps-scripts\logs\servers.txt) j> { j> j> $ping = new-object System.Net.NetworkInformation.Ping j> j> $Reply = $null j> $Reply = $ping .send( $strComputer ) j> if ( $Reply .status -like 'Success' ) j> { j> $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user" j> ) j> j> $admin .psbase.invoke( "SetPassword" , "newpassword" ) j> j> Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value j> "Administrator-password on $strComputer reset $date" j> j> } j> j> } j> j> Are the ADSI-connection encrypted or do I need additional parameters j> for this? j> j> I tried resetting a password on a remote machine using this script j> while running Wireshark. I didn`t find anything in the capture-log j> when searching for "newpassword"... j> j> --JER-- j>
My System Specs

01-18-2008	#3 (permalink)
jer Guest n/a posts	Re: Is ADSI encrypted? Thank you! "Brandon Shell [MVP]" <a_bshell.mask@xxxxxx> skrev i melding news:29d4f64638068ca2755f45f03f8@xxxxxx Quote: > It is encrypted via RPC. > > The Server wouldn't allow you to reset it if it were from an unsecure > connection. > > Brandon Shell > --------------- > Blog: http://www.bsonposh.com/ > PSH Scripts Project: www.codeplex.com/psobject > > j> Hi! > j> j> I`m planning to use this script to reset local > j> administrator-passwords on remote computers: > j> j> $erroractionpreference = "SilentlyContinue" > j> j> $date = Get-Date > j> j> foreach ( $strComputer in get-content > C:\ps-scripts\logs\servers.txt) > j> { > j> j> $ping = new-object System.Net.NetworkInformation.Ping > j> j> $Reply = $null > j> $Reply = $ping .send( $strComputer ) > j> if ( $Reply .status -like 'Success' ) > j> { > j> $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user" > j> ) > j> j> $admin .psbase.invoke( "SetPassword" , "newpassword" ) > j> j> Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value > j> "Administrator-password on $strComputer reset $date" > j> j> } > j> j> } > j> j> Are the ADSI-connection encrypted or do I need additional parameters > j> for this? > j> j> I tried resetting a password on a remote machine using this script > j> while running Wireshark. I didn`t find anything in the capture-log > j> when searching for "newpassword"... > j> j> --JER-- > j> >
My System Specs

01-18-2008	#4 (permalink)
Brandon Shell [MVP] Guest n/a posts	Re: Is ADSI encrypted? Some more info here to help you trace what is going on. I assume (under the covers) you are using NetUserSetInfo. A Quote from "Joe Kaplan" DS MVP "When ADSI uses LDAP, it will use port 636. Kerberos will use port 441 (the special Kerb password protocol port) and NetUserSetInfo or NetUserChangePassword will use RPC, so expect some port 135 for the location part and then some negotiation of high range ports after that." "jer" <jer@xxxxxx> wrote in message news:0A4C5BDA-B476-4107-B9B3-FD9B8E7235FB@xxxxxx Quote: > Thank you! > > > "Brandon Shell [MVP]" <a_bshell.mask@xxxxxx> skrev i melding > news:29d4f64638068ca2755f45f03f8@xxxxxx Quote: >> It is encrypted via RPC. >> >> The Server wouldn't allow you to reset it if it were from an unsecure >> connection. >> >> Brandon Shell >> --------------- >> Blog: http://www.bsonposh.com/ >> PSH Scripts Project: www.codeplex.com/psobject >> >> j> Hi! >> j> j> I`m planning to use this script to reset local >> j> administrator-passwords on remote computers: >> j> j> $erroractionpreference = "SilentlyContinue" >> j> j> $date = Get-Date >> j> j> foreach ( $strComputer in get-content >> C:\ps-scripts\logs\servers.txt) >> j> { >> j> j> $ping = new-object System.Net.NetworkInformation.Ping >> j> j> $Reply = $null >> j> $Reply = $ping .send( $strComputer ) >> j> if ( $Reply .status -like 'Success' ) >> j> { >> j> $admin =[ adsi ]( "WinNT://" + $strComputer + "/administrator, user" >> j> ) >> j> j> $admin .psbase.invoke( "SetPassword" , "newpassword" ) >> j> j> Add-Content -path C:\ps-scripts\logs\servers-reset.txt -Value >> j> "Administrator-password on $strComputer reset $date" >> j> j> } >> j> j> } >> j> j> Are the ADSI-connection encrypted or do I need additional >> parameters >> j> for this? >> j> j> I tried resetting a password on a remote machine using this script >> j> while running Wireshark. I didn`t find anything in the capture-log >> j> when searching for "newpassword"... >> j> j> --JER-- >> j> >> >
My System Specs

Similar Threads
Thread	Forum
ADSI & Excel	PowerShell
Backing up Bitlocker Encrypted Drive Equals Not Encrypted	Vista security
Frustrating ADSI	PowerShell
Using ADSI in NT4 domain	PowerShell