Blog Archives

Reset Password from Command Prompt in Server 2008

For a developer or IT admin working in Windows Server 2008 environment, you may have noticed ctrl+alt+del does not work over remote connection and you can no longer change your password from control panel.

The best solution to this in my opinion, that will likely work far into the future, is the command line.

Also keep in mind you are a server admin and disable much functionality for your remote users, sometimes these permissions don’t always apply to command line variants and the latter can be used for privilege escalation in the event of a workstation or user profile compromise.

net user user_name * /domain

net user user_name  new_password

ex.
net user Bob 12bdir5$

References
Microsoft Support, “How to Change User Password at Command Prompt”,

File Shredder Shortcut using SDelete in Windows XP, Vista, 7

Computer enthusiasts have been using file shredders to delete files for many years. Sysinternals makes a very cool utility called “SDelete” that “shreds” a file

See below for batch file code snippet to use with SDelete. Add to your “User/Administrator/AppData/Roaming/Microsoft/Windows/SendTo” (In Vista/7/Serv08) or “Documents and Settings\%username%\SendTo” (In XP).

(%APPDATA% environment variable actually points to “C:\users\\AppData\Roaming”)

I have modified the code below from it’s original source on blog (see references) to 3 passes instead of four. See wikipedia page for more information on data remanence. If the script runs slow on your system consider decreasing this to 3 or 4.


@echo off
:START
if "%~f1"=="" (
echo No more args given. Done.
exit /b 0
)
:WORK
ECHO Y| cacls %1 /T /C /G Administrators:F
attrib -h -s -r -a %1 /S /D
attrib -h -s -r -a %1\*.* /S /D
sdelete -p 7 -s -q %1
:NEXTARG
shift
goto START

Addendum 2012.11.09
Windows 7 environment path seems to be buggy at times. Absolute references to executables is more reliable.

@echo off
:START
if "%~f1"=="" (
echo No more args given. Done.
exit /b 0
)
:WORK
ECHO Y| C:\Windows\System32\cacls.exe %1 /T /C /G Administrators:F
C:\Windows\System32\attrib.exe -h -s -r -a %1 /S /D
C:\Windows\System32\attrib.exe -h -s -r -a %1\*.* /S /D
C:\Windows\System32\sdelete.exe -p 7 -s -q %1
:NEXTARG
shift
goto START


Note:
Any snippets may have been condensed from their original sources for brevity. See references for original articles.

All server side code examples are in C# .Net.

References
Sysinternals, Blog: “My Handy sdelete scripts”, Soulstace, http://forum.sysinternals.com/my-handy-sdelete-scripts_topic6065.html
Wikipedia, “Data Remanance”, http://en.wikipedia.org/wiki/Data_remanence
HowToGeek, http://www.howtogeek.com/howto/windows-vista/customize-the-windows-vista-send-to-menu/