3

Is there a way to change admin passwords for all my Macs connected to my network.

I know the local admin password for all PC's in my network and I need to just to change password for Username: admin

What I have to do is physically go to each Mac, login and change the password manually. Remote Login is disabled.

How can I do it faster?

Allan
  • 101,432
Lele
  • 29
  • Faster than what? What are you already doing? Do you know the admin passwords for the Macs on your network already? – Allan Feb 15 '18 at 13:05
  • Please don't cross-post to multiple SE sites. Pick one & stick to it - https://superuser.com/questions/1295228/change-in-bulk-local-admin-passwords-across-the-network – Tetsujin Feb 15 '18 at 13:18
  • @Allan Yes, i know – Lele Feb 15 '18 at 13:30
  • That doesn't answer any of the questions asked. – Allan Feb 15 '18 at 13:31
  • @Allan faster than going to every Mac and change it using it when Mac is in front of you. Yes I now the admin passwords for the Macs in my network – Lele Feb 15 '18 at 13:32
  • Do you have remote login enabled on each of the Macs? In other words, can you ssh to the Mac on the network and login with the admin account? – Allan Feb 15 '18 at 13:34
  • @Allan No. Remote Login is disabled – Lele Feb 15 '18 at 13:36
  • I assume Remote Management as well? – Allan Feb 15 '18 at 13:37
  • @Allan Yes. Remote Management and Remote login is disabled, all that stuff is disabled. Only way to change them Remotely is to enable them ? Can you give a link to how to change passwords in bulk in case if Remote Management or Remote Login is enabled – Lele Feb 15 '18 at 13:38
  • attempt to ssh to each node (you could port scan, but that would generate a ton of traffic). If it responds, Remote Login is enabled, if not, it's off. – Allan Feb 15 '18 at 13:52

1 Answers1

3

Based on the fact that Remote Management and Remote Login are disabled, you are limited to two pathways:

  • Installing remote screen sharing software like TeamViewer to connect to the machine via the web which you can then administer. The downside to this is that decent performing apps like this will cost money - and they're quite expensive

  • Going to each machine and not just enabling the password, but turning on remote login and/or management as well.

I prefer the latter option because it will ultimately give you much more control over your network connected nodes. As for security, you can configure sshd on each machine to only allow logins from an SSH key. See this answer on how to log in with keys rather than username/passwords.

You didn't mention how many Macs you have on your network and the project could be considerable. However, just chalk it up to experience as to why enabling (but securing) remote management tools is critical in networks.

You can change the password via the command line:

dscl . -passwd /Users/Lele
Allan
  • 101,432
  • 1
    To add to this answer a little -- To manage multiple Macs I strongly recommend some kind of MDM software (I use the Profile Manager in Apple's Server software, but there are other options, like jamf) and Apple Remote Desktop. With Profile Manager you can setup user, user group, machine or machine group specific setups (including a managed local admin user and password). With Remote Desktop you could issue the above command line to multiple machines at once. Both allow remote software installs, copying files and directories to specific locations, etc. A whole lot better than walking around. – David Rouse Feb 15 '18 at 14:17
  • I agree with @DavidRouse that you should look at some MDM software not just for your Macs but your PCs as well. Intune from Microsoft is a good solution if you're mostly a Windows shop. – Allan Feb 15 '18 at 14:31