public void ChangePassword(IComputer computer, SecurityIdentifier sid = null) { try { if (sid == null) { sid = this.sam.GetWellKnownSid(WellKnownSidType.AccountAdministratorSid); } string newPassword = this.passwordGenerator.Generate(); DateTime rotationInstant = DateTime.UtcNow; DateTime expiryDate = DateTime.UtcNow.AddDays(this.settings.MaximumPasswordAge); lithnetAdminPasswordProvider.UpdateCurrentPassword(computer, newPassword, rotationInstant, expiryDate, this.settings.PasswordHistoryDaysToKeep, this.settings.MsMcsAdmPwdBehaviour); this.logger.LogTrace(EventIDs.SetPasswordOnAmAttribute, "Set password on Lithnet Access Manager attribute"); if (this.settings.MsMcsAdmPwdBehaviour == MsMcsAdmPwdBehaviour.Populate) { this.logger.LogTrace(EventIDs.SetPasswordOnLapsAttribute, "Set password on Microsoft LAPS attribute"); } this.sam.SetLocalAccountPassword(sid, newPassword); this.logger.LogInformation(EventIDs.SetPassword, "The local administrator password has been changed and will expire on {expiryDate}", expiryDate.ToLocalTime()); } catch (Exception ex) { this.logger.LogError(EventIDs.PasswordChangeFailure, ex, "The password change operation failed"); } }
public void ChangePassword(IComputer computer, SecurityIdentifier sid = null) { try { if (sid == null) { sid = this.sam.GetWellKnownSid(WellKnownSidType.AccountAdministratorSid); } string newPassword = this.passwordGenerator.Generate(); DateTime rotationInstant = DateTime.UtcNow; DateTime expiryDate = DateTime.UtcNow.AddDays(this.settings.MaximumPasswordAge); if (this.settings.WriteToLithnetAttributes) { lithnetAdminPasswordProvider.UpdateCurrentPassword(computer, this.encryptionProvider.Encrypt( this.certificateProvider.FindEncryptionCertificate(this.settings.CertThumbprint, this.settings.CertPath), newPassword), rotationInstant, expiryDate, this.settings.PasswordHistoryDaysToKeep); this.logger.LogTrace(EventIDs.SetPasswordOnAmAttribute, "Set password on Lithnet Access Manager attribute"); } if (this.settings.WriteToMsMcsAdmPasswordAttributes) { this.msMcsAdmPwdProvider.SetPassword(computer, newPassword, expiryDate); this.logger.LogTrace(EventIDs.SetPasswordOnLapsAttribute, "Set password on Microsoft LAPS attribute"); } else { this.msMcsAdmPwdProvider.ClearPassword(computer); } this.sam.SetLocalAccountPassword(sid, newPassword); this.logger.LogInformation(EventIDs.SetPassword, "The local administrator password has been changed and will expire on {expiryDate}", expiryDate); } catch (Exception ex) { this.logger.LogError(EventIDs.PasswordChangeFailure, ex, "The password change operation failed"); } }