RESTORE COMPUTER OBJECT AND RETRIEVE LOCAL ADMIN PASSWORD USING POWERSHELL


I used the script below in a situation where we use LAPS (Local Administrator Password Solution, https://technet.microsoft.com/en-us/library/security/3062591.aspx ) and a computer object had been deleted from Active Directory. Either you need to reset the local admin password (https://vipinvasudevan.com/2016/11/21/how-to-reset-lostadministrator-password-using-dvd/), or, as I would recommend, restore the AD computer object with the script below and recover the old known password.

# ---- Restore AD Object ----

Import-Module ActiveDirectory

$comp = Read-Host "Provide Computer name for restore"

# Computer accounts have a trailing $ in their sAMAccountName
$Computer = $comp + '$'

# Check whether a live (not deleted) object with this name still exists
$Computers = $null
$Computers = Get-ADObject -Filter 'Cn -eq $comp'

if ($null -eq $Computers)
{
    $error.Clear()

    # Search the deleted objects and restore the match
    Get-ADObject -Filter 'samaccountname -eq $Computer' -IncludeDeletedObjects | Restore-ADObject

    if ($null -ne $error[0]) { Write-Host "AD Object $comp failed to restore with error $($error[0])" }
}
else
{
    Write-Host "Computer $comp available on AD"
}

The script block below recovers the old known local administrator password from Active Directory.

# ---- Retrieve Admins password ----

Import-Module ActiveDirectory

$comp = Read-Host "Provide Computer name for retrieving local admin password"

# ms-Mcs-AdmPwd is the attribute in which LAPS stores the local administrator password
Get-ADComputer -Identity $comp -Properties 'ms-Mcs-AdmPwd' | ForEach-Object { $password = $_.'ms-Mcs-AdmPwd' }

Write-Host "$comp local admin password is $password"
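
A combined version of the two scripts above, as an added example that is not the original author's code: it handles the case where several deleted objects share the same name and reports the LAPS password expiry from ms-Mcs-AdmPwdExpirationTime. The function name Restore-LapsComputer and the name-validation pattern are assumptions made for illustration.

```powershell
# Added example, not the original author's script. Needs the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

function Restore-LapsComputer {
    param(
        # Assumption: a plain NetBIOS-style name (letters, digits, hyphen; 15 chars max),
        # which also keeps the value safe to place inside an LDAP filter.
        [Parameter(Mandatory)]
        [ValidatePattern('^[A-Za-z0-9-]{1,15}$')]
        [string]$Name
    )
    $sam   = $Name + '$'   # computer accounts carry a trailing $ in sAMAccountName
    $props = 'ms-Mcs-AdmPwd', 'ms-Mcs-AdmPwdExpirationTime'

    # Look for a live object first so nothing is restored next to an existing account.
    $live = Get-ADComputer -LDAPFilter "(sAMAccountName=$sam)" -Properties $props
    if (-not $live) {
        # The same name may have been deleted more than once; newest copy first.
        $deleted = @(Get-ADObject -LDAPFilter "(&(sAMAccountName=$sam)(isDeleted=TRUE))" `
                        -IncludeDeletedObjects -Properties whenChanged |
                     Sort-Object whenChanged -Descending)
        if ($deleted.Count -eq 0) { throw "No live or deleted object found for $Name" }
        if ($deleted.Count -gt 1) {
            Write-Warning "$($deleted.Count) deleted objects match $Name; restoring the newest"
        }
        $restored = $deleted[0] | Restore-ADObject -PassThru -ErrorAction Stop
        $live = Get-ADComputer -Identity $restored.ObjectGUID -Properties $props
    }

    # The expiration time is stored as a Windows FILETIME (100 ns ticks since 1601, UTC).
    $ft      = $live.'ms-Mcs-AdmPwdExpirationTime'
    $expires = if ($ft) { [datetime]::FromFileTimeUtc([int64]$ft) } else { $null }
    if (-not $live.'ms-Mcs-AdmPwd') {
        Write-Warning "ms-Mcs-AdmPwd is empty or not readable by this account"
    }

    # Return an object instead of writing the password with Write-Host.
    [pscustomobject]@{
        Computer   = $live.Name
        Password   = $live.'ms-Mcs-AdmPwd'
        ExpiresUtc = $expires
        Expired    = ($null -ne $expires) -and ($expires -lt [datetime]::UtcNow)
    }
}

Restore-LapsComputer -Name (Read-Host 'Computer name to restore')
```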
