Many accounts in your AD might need a password change. What if you want to do this in bulk ?
First, we need to the userlist. Depending on your requirements we need to get a list of users (specifically samaccountname). For random password generation I recommend using http://manytools.org/network/password-generator/ as it can generate up 1000 for free.
Here is what my UserList.csv look like:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
sAMAccountName,Password test1,gqLfZub$OtO#dBg test2,6eXq78gTyx$YjmM test3,ZNgl!KdYo7U6yzR test4,voiIs!TISw!Wcyc test5,W7ZBTAe7CWcFzyn test6,BykgCY5b*NGFO5! test7,3ApLlchwgRQwf1P test8,9jZvvR2$wDggf3M test9,*QCDjcgnNLkBDP1 test10,sZpvUnvjJxAE9HE test11,$C8TX!tcS3d#MjK test12,Pzw*aH6zjpOx8Wj test13,XmfIPiIz82!!X77 test14,ri!!hQX!w!FSZuI test15,S0Gzf6fEUsG!4Ib test16,Kj8s!vy94S!ozLJ test17,PzFzjP7obALeuWa test18,Ri5V2laxxck6Rgg test19,Rw8KcX*FoMT#gr1 test20,QDndAgzdYo5CYX! |
Make sure you do the following on a domain controller or connecting to your domain controller via PS-remote with elevated permissions.
Run this in PowerShell (Open PowerShell in Admin Mode)
PowerShell:
|
1 2 3 4 5 6 7 8 |
Import-Module Active Directory $Resetpassword = Import-Csv "c:\_Scripts\UserList.csv" foreach ($Account in $Resetpassword) { $Account.sAMAccountName $Account.Password Set-ADAccountPassword -Identity $Account.sAMAccountName -NewPassword (ConvertTo-SecureString $Account.Password -AsPlainText -force) -Reset } |
-Reset
Specifies to reset the password on an account. (User is not prompted to change password).
To use this parameter, you must set the -NewPassword parameter.
You do not need to specify the -OldPassword parameter.
Specifies to reset the password on an account. (User is not prompted to change password).
To use this parameter, you must set the -NewPassword parameter.
You do not need to specify the -OldPassword parameter.