Solved

Reset Multiple AD account passwords

Posted on 2004-09-09
8
377 Views
Last Modified: 2010-04-14
I'm in need of resetting about 200+ user accounts in our Win 2000 AD domain to a common password that is pre-expired.  Can someone lend a suggestion?
0
Comment
Question by:danielbourdeau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 12024528
danielbourdeau
You can set the passwords of multiple user accounts with a VBScript

Go to www.15seconds.com and do a search, there are loads of scripts around that will do what you want, and set the password must be changed on next logon flag as well.

Cheers

JamesDS
0
 
LVL 76

Accepted Solution

by:
David Lee earned 300 total points
ID: 12026093
This script should do the trick.  To use it you will need to create a text file containing the container names of the user's whose passwords you want to reset.  It will only reset the passwords of the names in the file.  The file is simple, each user's container name goes on a separate line.  Copy the script and paste it into a file.  I called mine ChangePass.Vbs, but you can call yours whatever you want so long as it ends with .Vbs.  Edit the script as necessary.  I've included comments telling you where you need to change things.

Credit where credit is due.  I put this script together based on examples I've found on various web sites and from various books.  It is not a completely original creation.


---- Begin ChangePass.Vbs

Dim objFSO
Dim objUser
Dim objUserList
Dim strUserName
Dim strPassword
' Edit the line below and replace MyNewPassword with whatever password you want to use.
strPassword = "MyNewPassword"
Set objFSO = Createobject("Scripting.FileSystemObject")
' Edit the line below and replace the file name C:\UserList.Txt with the name and path of the user list file you created.
Set objUserList = objFSO.OpenTextFile("C:\UserList.Txt",1)
Do While Not objUserList.AtEndOfStream
    strUserName = objUserList.Readline
    ' Edit the line below chnging the ou= and the two dc= parameters to those for your AD domain
    Set objUser = GetObject("LDAP://cn=" & strUserName & ",ou=MyOU,dc=MyOrg,dc=com")
    Wscript.Echo "Changing password for: " & objUser.displayName
    objUser.SetPassword strPassword
Loop
objUserList.Close
Set objUser = Nothing
Set objUserList = Nothing
Set objFSO = Nothing
0
 

Author Comment

by:danielbourdeau
ID: 12027112
Thanks for the help - this is great stuff.  I want to be sure about the input file that I need to create.  Do I need just the OU's listed on individual lines or the qualified name of each user on individual lines?
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 76

Expert Comment

by:David Lee
ID: 12029431
This particular code sample assumes that all the users are in one OU.  If they're not, then you can use separate username files and adjust the OU in the script before running each one, or I can modify the script so you can have the OU and username both in the file.  You're choice.  Right now the user list file just needs the account names of the users, each on a separate line.  If you're in doubt about what the account name is, use ADSIEdit to look and see what the CN= is for a user.  
0
 

Author Comment

by:danielbourdeau
ID: 12050948
No.  I'll just create individual files rather than you spending the time.  Very, very generous offer.  Thank you.  I do have another question.  When I make an export of the OU it gives me what appears to be the display name (first and last name) versus the account name.  What am I doing wrong?
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12052602
You're welcome.  Just trying to give back something for all the help and information I've gotten off the internet over the years.

I'm typing this from a computer that doesn't have all my AD reference material on it, but what you want is the CN or Common-Name.  If you open ADSIEdit and drill down into one of your OU's, you'll see that each user entry is represented as CN=UserAccountName.  In my AD structure it looks like this:

    CN=Doe\, Joe

If you're doing an export, CN is the attribute you need.
0
 

Author Comment

by:danielbourdeau
ID: 12063358
I'm going to do an export and run the script you've provided.  Wish me luck - I'll let you know how it turns out.  Thanks again for the time and help.
0
 
LVL 76

Expert Comment

by:David Lee
ID: 12063653
Good luck!  Let me know if there's anything I can do to help.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article was initially published on Monitis Blog, you can read it here . When it comes to deciding which approach to website performance monitoring is best for your business, unfortunately, like so many options in life . . . it depends. In t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question