Here's how to use NCM to accomplish your task:
Caveats:
* These commands and suggestions are based on working with a Cisco-style platform. If you use something else, just use that system's commands.
* Prior to changing configurations, backup all your devices. That way you have something to analyze or fall-back to, in case you discover problems.
* Start with just one device that's in a test environment if you've never done this before. Work on a single switch hanging off the network, with nothing attached to it, to prove the process. That lets you watch what's going on, correct typos, and develop confidence in it. You can see if the process failed or succeeded--without having caused an outage for your users/company. If it failed, you can modify the script or adjust the process and try again, without impacting any production equipment or users.
* You can omit the "copy run start" if you are not completely certain your command is the right one. If your script causes you to lose management ability on the device, and if you haven't written the running-config to the startup-config, you can simply reboot the device to eliminate the new command and regain remote access to the device. Once you've proven it's the right command you can copy run start by replacing the password change command with "copy run start" and running the process again with the new command.
* The "reload at" or "reload in" commands can be your friends. They let you reboot devices automatically at a specific time, or in x minutes. Use these commands for devices that you do not convenient have physical access to, and on which you may wish to reboot (prior to saving the running-config to startup-config) so that you can remove a fat-fingered command that has eliminated your remote access ability. For example, if your business is closed after 5 p.m., and you don't have a test switch or router on which to test the process, before you start changing passwords on a device, issue the "reload in 15" command. The device will reboot in 15 minutes unless you cancel the reload, and your change will be removed. This beats having to drive (fly!) to a site to reboot a box, or having to call someone at the remote site and asking them to power off / power on the device so you can recover remote access to it.
* Once you've got the right command and process in place through testing on your test box, select part or all of the devices that need the change and run the script on them. If the command was the right one you can include the "copy run start" command and all the devices will save the new passwords to their startup-config files. If you don't do this, and a device reboots, it will boot up using the old passwords.
Process:
1. Open NCM and select all the nodes on the left that need to have their passwords changed.
* You can select and do them individually, or select multiple devices by holding down the Ctrl Key and clicking on them.
* Select a contiguous range of devices by clicking on the top one, holding down the Shift key, and clicking on the bottom one.
* Or if you have them displayed by a group type (e.g.: Vendor), just click on the Vendor and all devices from that vendor will be selected.
2. Right-click on one of the selected devices (or on the group) and a new drop down menu will appear.
3. Select the option "Execute Command Script"
4. A new window will open.
a. The top section displays the nodes that will receive the command. You can add or remove devices here, too.
b. In the bottom section, type in the command exactly as you would if you were CLI'd into a device, including carriage returns. If your devices were Cisco, you'd key in the following:
conf t
username sam privilege 15 password 7 sdfsdfasdfsdf
end
copy run start
5. At the bottom left of the lower window, click the button "Execute Command Script". NCM will apply the script to all the selected devices for you, and will display its progress.
6. Once the process is complete, review its output for any failures and address them.
Good Networking!
Rick S.