For a developer or IT admin working in Windows Server 2008 environment, you may have noticed ctrl+alt+del does not work over remote connection and you can no longer change your password from control panel.
The best solution to this in my opinion, that will likely work far into the future, is the command line.
Also keep in mind you are a server admin and disable much functionality for your remote users, sometimes these permissions don’t always apply to command line variants and the latter can be used for privilege escalation in the event of a workstation or user profile compromise.
net user user_name * /domain net user user_name new_password ex. net user Bob 12bdir5$
Microsoft Support, “How to Change User Password at Command Prompt”,
See below for batch file code snippet to use with SDelete. Add to your “User/Administrator/AppData/Roaming/Microsoft/Windows/SendTo” (In Vista/7/Serv08) or “Documents and Settings\%username%\SendTo” (In XP).
(%APPDATA% environment variable actually points to “C:\users\\AppData\Roaming”)
I have modified the code below from it’s original source on blog (see references) to 3 passes instead of four. See wikipedia page for more information on data remanence. If the script runs slow on your system consider decreasing this to 3 or 4.
if "%~f1"=="" (
echo No more args given. Done.
exit /b 0
ECHO Y| cacls %1 /T /C /G Administrators:F
attrib -h -s -r -a %1 /S /D
attrib -h -s -r -a %1\*.* /S /D
sdelete -p 7 -s -q %1
Windows 7 environment path seems to be buggy at times. Absolute references to executables is more reliable.
@echo off :START if "%~f1"=="" ( echo No more args given. Done. exit /b 0 ) :WORK ECHO Y| C:\Windows\System32\cacls.exe %1 /T /C /G Administrators:F C:\Windows\System32\attrib.exe -h -s -r -a %1 /S /D C:\Windows\System32\attrib.exe -h -s -r -a %1\*.* /S /D C:\Windows\System32\sdelete.exe -p 7 -s -q %1 :NEXTARG shift goto START
Any snippets may have been condensed from their original sources for brevity. See references for original articles.
All server side code examples are in C# .Net.
Sysinternals, Blog: “My Handy sdelete scripts”, Soulstace, http://forum.sysinternals.com/my-handy-sdelete-scripts_topic6065.html
Wikipedia, “Data Remanance”, http://en.wikipedia.org/wiki/Data_remanence