Password Generator to change Admin PW

Rotate the admin password for your MSP admin account

Running an MSP or IT department demands some kind of administrator access to the endpoints under your control. While it is often a good idea to limit end-user access to limited user accounts in Windows, it is a good idea to create a secondary account on the system that gives you the ability to log in as an admin for when certain activities need to happen.

This script updates the admin password for a specific user and then stores it inside of Kaseya for easy access by your technicians. Schedule this script on your endpoints and the admin password will rotate on the schedule you set so you always have an updated password ready to go. This keeps your Support admin account locked down with unique, constantly rotating passwords so you won’t have to worry about someone guessing the admin password to every machine under your care.

How it works

• The script will prompt for the windows admin user name.
• It then uses a Powershell command to randomly generate a password.
• It replaces the password for the user using a “net user” command.
  • It also will create that user if it doesn’t exist, as well as add that user to Admin Group.
• Password gets stored in a custom field named “CF Local Admin PW”. This can be changed by editing the last line of the script.

If you want to use the default name, a field with that name must exist before importing the script.

Script defaults to a password length of 12 characters. This can be changed by editing line 4 of the script, if desired. The password generated is a random set of letters/numbers ending with a special character(!, $, # or ?). If your organization has password requirements that are not met by this script contact us to make adjustments.