This script gives an example on how to use Python COM to instantiate an ADSI object and change a NT user's password.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 | import pythoncom
import win32com.client
class NTUser:
# Uses ADSI to change password under user privileges	
	def __init__(self, userid):
		self.adsiNS = win32com.client.Dispatch('ADsNameSpaces')
		Userpath = "WinNT://DOMAIN/" + userid + ",user"
		self.adsNTUser = self.adsiNS.GetObject("", Userpath)
	def reset(self, OldPasswd, NewPasswd):
		self.adsNTUser.ChangePassword(OldPasswd, NewPasswd)
# You could use the following instead if you're running under admin privileges
#		self.adsNTUser.SetPassword(NewPasswd)
		print "NT Password change was successful."
try:
	nt = NTUser(account)
	nt.reset(OldPassword, NewPassword)
except pythoncom.com_error, (hr, msg, exc, arg):
	scode = hex(exc[5])
	print "NT Password change has failed."
	if (scode == "0x8007005"):
		print "Your NT Account is locked out."
	elif (scode == "0x80070056"):
		print "Invalid Old NT Password."
	elif (scode == "0x800708ad"):
		print "The specified NT Account does not exist."
	elif (scode == "0x800708c5"):
		print "Your new password cannot be the same as any of your previous passwords."
		print "Your new password must also meet the domain's password uniqueness policy."
	else:
		print "ADSI Error - %s: %s, %s\n" % (hex(hr), msg, scode)
 | 
This could be used to roll your own password change program. I am currently using it as part of a multiplatform password changing utility to help user's keep their passwords in sync.
Also goes to show that you don't need VBScript to manipulate ADSI!
    Tags: sysadmin
  
  

 Download
Download Copy to clipboard
Copy to clipboard

Manipulating NT User Information with PERL (No ADSI). Does anyone have a library that will supply access to the NT User Database on an NT4 server that does not run ADSI?
TIA Adrian