rem Author: Kolesnikov Vlad
rem ACL changepass.vbs
rem allow domain admins full access
rem allow domain computers read&execute
rem deny domain controllers full access
rem deny OtherServers full access
rem ACL logfilepath
rem allow domain admins full access
rem allow domain computers create files&write data this folder only
rem allow creator owner full access


logfilepath="\\server\wdata\chps\"
newpass="*********"

Set WshNetwork = WScript.CreateObject("WScript.Network")
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & WshNetwork.ComputerName & "\root\cimv2")
logfilename=logfilepath & WshNetwork.ComputerName & ".txt"
rem msgbox (logfilename)

Set colSystemUsers = objWMIService.ExecQuery("Select * from Win32_UserAccount where Domain=""" & WshNetwork.ComputerName & """")

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile(logfilename,2,True)
objFile.WriteLine "Started " & Date & " " & Time

For Each objSystemUser in colSystemUsers
if objSystemUser.Name<>"HelpAssistant" and objSystemUser.Name<>"SUPPORT_388945a0" and objSystemUser.Name<>"krbtgt" and objSystemUser.Name<>"ASPNET"  then
objFile.WriteLine "Working " & objSystemUser.Name
Set objUser = GetObject("WinNT://" & WshNetwork.ComputerName & "/" & objSystemUser.Name & ",user")
Call objUser.SetPassword(newpass)
objFile.WriteLine "OK"
end if
Next

objFile.WriteLine "Finished " & Date & " " & Time
objFile.Close