Password Rotation Doesn't Work for Windows 2012 R2

PrivX includes default scripts for password rotation on some OSs. However, the default script for password rotation via administrator account may not work on Windows Server 2012 R2.

Fortunately, PrivX allows administrators to create or modify rotation scripts as needed.

Potential Solution

To get password rotation to work on Windows 2012 R2 hosts, you can customize the script used for the rotation process.

1. Go to Administration→Deployment→Deploy Password Rotation in the PrivX UI.
2. Under Script Templates, select Windows via administrator account script template.
3. Replace the existing script with the following version:

####################
#
# Windows 2012 R2 password rotation via administrator account
# Template variables (prefixed with @)

@list_format=$username:$password
@list_item_prefix=""
@list_separator="\", \""

#
######################

$array = @("$user_password_list")
foreach ($userpw in $array) {
    $upwArray = $userpw.Split(":")
    $username = "WinNT://./" + $upwArray[0]
    ([ADSI]$username).SetPassword($upwArray[1])
}