I am trying to create a VBScript that when it runs would remove the system (Power-on) password on our companies laptops without any interaction from the user.

CCTK (Dell Configuration Tool Kit) has been installed on each of the laptops and I have created the below code so far.


DIM WshShell
Set WshShell = CreateObject("Wscript.Shell")
Set WshNetwork = CreateObject("Wscript.Network")
strComputer = WshNetwork.ComputerName


DIM aParm(2)

sCmd="C:\Program Files\Dell\CCTK\X86\cctk.exe"
aParm(1)="--syspwd= --valsyspws="

wscript.echo sCmd & Join(aParm)


I am needing it to run the following command 'C:\Program Files\Dell\CCTK\X86\cctk.exe --syspwd= --valsyspws=<PASSWORD>

The script above, when I output to messagebox has a space before the <PASSWORD> value so the whole aParm section might not be any use.

Can anyone recommend the line, or two, needed to get this VBScript working?


Answer Summary:
0 Comments   [ + ] Show Comments


Please log in to comment



You can create a k1000 script running the net.exe command found in c:\windows\system32 or create a batch file and run it.  Either way you need 3 lines of code to do this

net user administrator /delete

net user administrator /add /active:yes /passwordreq:no

net localgroup administrators /add administrator

Answered 12/03/2012 by: SMal.tmcc
Red Belt

  • Recommended - create another local user who is an admin for this purpose and set autologin in the registry to this user net user ituser /add /active:yes /passwordreq:no net localgroup administrators /add ituser
    • I agree with this. Since they are different passwords you would either need to get them all the same, or create new. http://support.microsoft.com/kb/315231 http://www.petri.co.il/configuring_autologon.htm
  • I just realised I typed logon when I meant power on, sorry. Its the System password that is setup in BIOS for when the laptop is initially powered on that we are needing removed. I am looking at commands with the CCTK which might do the job but will probably still need some script to automate the process.
  • you can do this thru the cctk I use this command on the k1000. &quot;c:\program files\dell\cctk\x86\cctk.exe&quot; --setuppwd=&lt;new-password&gt; --valsetuppwd=&lt;old-password&gt; Description Sets the system password. An argument is required. The password cannot be reported. Initially you can set the password using cctk. If you want to remove the password, provide one blank space and old password. Example A:&gt;cctk --syspwd=&lt;password&gt; --valsyspwd=&lt;old-password&gt; http://support.dell.com/support/edocs/SOFTWARE/smcctk/1.0/ug/html/cctkugcd.htm
    • I have tested the following command which worked cctk --syspwd= --valsyspwd=<old-password> Now I only have to 1. Install CCTK on all our laptops. 2. Write a script that will take the COMPUTERNAME replace some of that value and export that value to use in the 'old-password' command. 3. Ask my boss for some training in VBScript.....
      • here is the vbscript Kace uses to get computer name. Set fso = CreateObject("Scripting.FileSystemObject") Set diskDrives = fso.Drives regFound = False 'Search through fixed drives (Drivetype = 2) for required registry file. For Each drive In diskDrives If (drive.DriveType = 2) and fso.FileExists(drive.DriveLetter & ":\WINDOWS\System32\Config\SYSTEM") Then systemDrive = drive.DriveLetter regFound = True exit for End If NEXT 'Registry not found If regFound = False Then WScript.Quit End If 'Get the computer name from the registry Set wshShell = CreateObject("WScript.Shell") Set execStatus = wshShell.Exec("reg load HKLM\TEMP_SYSTEM " & systemDrive & ":\WINDOWS\System32\Config\SYSTEM") 'Wait for registry to load completely (max 10 seconds) count = 0 Do While (count < 10) and execStatus.Status = 0 WScript.Sleep 1000 count = count + 1 Loop If execStatus.Status = 0 Then WScript.Quit End If regKeyCompName = "HKLM\TEMP_SYSTEM\ControlSet001\Control\ComputerName\ComputerName\ComputerName" compName = wshShell.RegRead(regKeyCompName) WshShell.Exec("reg unload HKLM\TEMP_SYSTEM") WScript.Sleep 1000 'Dump the computer name into a file named as the mac address inside T: If fso.DriveExists("T:") then 'Get mac adress Set objSysEnv = wshShell.Environment("PROCESS") macAddress = objSysEnv("MAC_ADDRESS") Set compNameFile = fso.CreateTextFile("T:\" & macAddress, True) Else usbDrive = fso.GetDriveName(wscript.ScriptFullName) Set compNameFile = fso.CreateTextFile(usbDrive & "\KACE\ComputerName", True) End If compNameFile.WriteLine(compName) compNameFile.Close
      • It wont allow me to reply to your code below. Here is the vbscript I created:- ---------------------------------------------------------------------------- DIM WshShell Set WshShell = CreateObject("Wscript.Shell") Set WshNetwork = CreateObject("Wscript.Network") strComputer = WshNetwork.ComputerName password=strComputer password=Replace(password,"Value1","Value2") ---------------------------------------------------------------------------- pretty basic I know but it gives me the string 'password' which then contains what I need. My next step is adding a line to that script which will run the CCTK with the following line -> cscript "c:\program files\dell\cctk\x86\cctk.exe" --syspwd= --valsyspwd=<PASSWORD> Thanks for all the help SMal.tmcc.
  • I think you may be able to use other commands like: --passwordbypass Valid Argument off, reboot bypass, resumebypass, rebootandresume bypass Description Sets the password bypass feature. --pwdlock Valid Argument locked, unlocked Description Controls the ability to set the system password. If the password is locked, it cannot be changed. The locked argument locks the current state of the system password. If a system password has been set, it cannot be removed. If a system password has not been set, it cannot be set. On specific BIOS settings, this feature does not work. Refer to the BIOS documentation for more information.
  • If you have 20 laptops with a slightly different password you can create a batch file with 20 lines in it and vary the --valsetuppwd value on each line. the laptop will ignore the lines with the wrong --valsetuppwd entry and only respond to the one correct line. that way you can use one batch file for all machines. otherwise you would have to create a k1000 script and change it for every machine and do a single run now on the proper target machine
    • Interesting, didn't know it would continue past all incorrect lines. The tag numbers in the computer name is also in the system password just the characters in front are different. I was trying to get a string that would get the computer name then replace the characters and output that into a value to use. So far I have got the computername, the replace function doesnt seem to be working properly though. The batch file sounds good but there might be a case of someone accidentally setting a password in the future, would need this script to work under those conditions.
      • we ran into that, for a while we had 4 different pw's for the setup pwd, I ran a script with all 4 values in it to get them all to the same pw.
  • we use the set up pwd not the sys pwd to keep people out of the bios. they also cannot put a boot pw on without knowing the setuppwd. If you do not have the cctk on these machines you can either compile the script into an exe on a machine with it installed or place the files on a server share and connect and run from there. --setuppwd
  • should be Set WshShell = WScript.CreateObject("WScript.Shell") WshShell.Run ("c:\program files\dell\cctk\x86\cctk.exe --syspwd= --valsyspwd=PASSWORD") http://www.vistax64.com/vb-script/174635-running-executable-within-vbscript.html http://social.technet.microsoft.com/Forums/nb-NO/ITCG/thread/185f3ce6-6e30-459f-8786-2ae4ce7bcb54 https://groups.google.com/forum/?fromgroups#!topic/microsoft.public.scripting.vbscript/OmaGb30VJQs
    • Would that just go onto the end of the script even if I already have set WshShell in a previous line? Wouldn't the <PASSWORD> value have to be outwith the quotations and brackets?
      • not sure, but your new question should get you an answer, there are a couple of good vb scriptors on this site
Please log in to comment

One of your options may be psexec http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx


psexec \\workstation net user Joe /delete

there is also a password option for net user, to change the password

Answered 12/03/2012 by: Scott Smith
Senior White Belt

  • that would delete the user joe
  • that is correct, there is no option that I am aware of that would delete the passord (only change it).
Please log in to comment
Answer this question or Comment on this question for clarity