Solved

Reset Multiple AD account passwords

Posted on 2004-09-09
8
375 Views
Last Modified: 2010-04-14
I'm in need of resetting about 200+ user accounts in our Win 2000 AD domain to a common password that is pre-expired.  Can someone lend a suggestion?
0
Comment
Question by:danielbourdeau
  • 4
  • 3
8 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 12024528
danielbourdeau
You can set the passwords of multiple user accounts with a VBScript

Go to www.15seconds.com and do a search, there are loads of scripts around that will do what you want, and set the password must be changed on next logon flag as well.

Cheers

JamesDS
0
 
LVL 76

Accepted Solution

by:
David Lee earned 300 total points
ID: 12026093
This script should do the trick.  To use it you will need to create a text file containing the container names of the user's whose passwords you want to reset.  It will only reset the passwords of the names in the file.  The file is simple, each user's container name goes on a separate line.  Copy the script and paste it into a file.  I called mine ChangePass.Vbs, but you can call yours whatever you want so long as it ends with .Vbs.  Edit the script as necessary.  I've included comments telling you where you need to change things.

Credit where credit is due.  I put this script together based on examples I've found on various web sites and from various books.  It is not a completely original creation.


---- Begin ChangePass.Vbs

Dim objFSO
Dim objUser
Dim objUserList
Dim strUserName
Dim strPassword
' Edit the line below and replace MyNewPassword with whatever password you want to use.
strPassword = "MyNewPassword"
Set objFSO = Createobject("Scripting.FileSystemObject")
' Edit the line below and replace the file name C:\UserList.Txt with the name and path of the user list file you created.
Set objUserList = objFSO.OpenTextFile("C:\UserList.Txt",1)
Do While Not objUserList.AtEndOfStream
    strUserName = objUserList.Readline
    ' Edit the line below chnging the ou= and the two dc= parameters to those for your AD domain
    Set objUser = GetObject("LDAP://cn=" & strUserName & ",ou=MyOU,dc=MyOrg,dc=com")
    Wscript.Echo "Changing password for: " & objUser.displayName
    objUser.SetPassword strPassword
Loop
objUserList.Close
Set objUser = Nothing
Set objUserList = Nothing
Set objFSO = Nothing
0
 

Author Comment

by:danielbourdeau
ID: 12027112
Thanks for the help - this is great stuff.  I want to be sure about the input file that I need to create.  Do I need just the OU's listed on individual lines or the qualified name of each user on individual lines?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 76

Expert Comment

by:David Lee
ID: 12029431
This particular code sample assumes that all the users are in one OU.  If they're not, then you can use separate username files and adjust the OU in the script before running each one, or I can modify the script so you can have the OU and username both in the file.  You're choice.  Right now the user list file just needs the account names of the users, each on a separate line.  If you're in doubt about what the account name is, use ADSIEdit to look and see what the CN= is for a user.  
0
 

Author Comment

by:danielbourdeau
ID: 12050948
No.  I'll just create individual files rather than you spending the time.  Very, very generous offer.  Thank you.  I do have another question.  When I make an export of the OU it gives me what appears to be the display name (first and last name) versus the account name.  What am I doing wrong?
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12052602
You're welcome.  Just trying to give back something for all the help and information I've gotten off the internet over the years.

I'm typing this from a computer that doesn't have all my AD reference material on it, but what you want is the CN or Common-Name.  If you open ADSIEdit and drill down into one of your OU's, you'll see that each user entry is represented as CN=UserAccountName.  In my AD structure it looks like this:

    CN=Doe\, Joe

If you're doing an export, CN is the attribute you need.
0
 

Author Comment

by:danielbourdeau
ID: 12063358
I'm going to do an export and run the script you've provided.  Wish me luck - I'll let you know how it turns out.  Thanks again for the time and help.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12063653
Good luck!  Let me know if there's anything I can do to help.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question