I have multiple machines in a workgroup. Each has the same admin user and password and I need to change the password in all of them The part of the script that does this is:
$user = [adsi]"WinNT://$computer/$username"
$user.SetPassword($password)
$user.SetInfo()
I get this error:
The following exception occurred while retrieving member "SetPassword": "The network path was not found.
I tried this: How to Run PowerShell Commands on Remote Computers but it doesn't help
I turned the firewall on the remote machines off and then it worked... The question is, what rule do I need in the firewall to allow this? I couldn't figure out which port/protocol
I believe it requires both the Remote Administration and the File & Print Sharing rules to be enabled in addition to your remote credential being part of the Administrators group (either explicitly or through Domain groups) on the target machine.
The following website shows how this can be enabled in Group Policy on a domain. You'll need both the Computer Management and the Powershell sections.
https://4sysops.com/archives/add-a-user-to-the-local-administrators-group-on-a-remote-computer/
... [Computer Management] Hence, if you want to manage remote computers with Computer Management, you have to enable the Group Policy setting Allow inbound remote administration exception for the Windows Firewall. You can find the policy in Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
Allow inbound remote administration exception
... [Powershell] For this method to work, we need another firewall setting as with the Computer Management solution. You have to enable the Group Policy Allow inbound file and printer sharing exception. The policy is also located in Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
Allow inbound file and printer sharing exception