[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Mass change password from CSV, CSV contains username and individual passwords

Posted on 2008-01-27
10
Medium Priority
?
2,844 Views
Last Modified: 2012-06-21
I can see many similar questions asked but not quite what I'm looking for.
I work at a school and from our learning management software, we can export to CSV the Windows login names of the students and their birthdays. I need to be able to change their passwords to something based on their birthday because changing them to a generic password has caused chaos in the past. The little buggers don't need much time to mess with their mates. Anyway, so I'm chasing a script that can read a 2 column CSV. Column one being the username, column 2 being the password. The script needs to change the appropriate account to the password in column B then continue through the CSV and voila... all done!! Preferably the script wouldn't need an OU path etc.
Any help would be most appreciated.
0
Comment
Question by:jeffb67
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 6

Expert Comment

by:MorDrakka
ID: 20757759
Hi,

Not much time here so only got you a script which does need a OU part.

Not entily tested, but I hope this helps.

M
SET inputlist = FSO.OpenTextFile("input.txt", ForReading)
SET resultfile = FSO.OpenTextFile("log.txt", ForAppending, TRUE)
 
DO WHILE inputlist.AtEndOfStream <> TRUE
   strInputline = inputlist.Readline
   arrInput = split(strInputline, ",")
   strUserid = arrInput(0)
   strPassword = arrInput(1)
 
 
   Set objUser = GetObject _
    ("LDAP://cn=strUserid,ou=management,dc=fabrikam,dc=com")
   objUser.SetPassword strPassword
 
LOOP

Open in new window

0
 
LVL 1

Author Comment

by:jeffb67
ID: 20757874
Thanks MorDrakka, I will have a play with this although I have seen it before. The reason I was wanting to get away from the OU structure in the script is that I have inherited this network and even though there are different OU's for the grades (and it's only one grade I need to change) I can't be sure that the kids are actually in the correct OU's. The export from the learning managent software is 100% accurate so a script that searches the whole AD for usernames will ensure only the correct students get their password changed. I will clean up AD, prolly using the same export from the LMS, but that's either another script or a bit of a big job which I don't quite have the time for just now.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20759624
You could also download adfind and admod from www.joeware.net/freetools and do something like this:

for /f "tokens=1,2 delims=," %h in (users.txt) do adfind -default -f samaccountname=%h -dsq | admod #setpwd#::%i
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Author Comment

by:jeffb67
ID: 20760278
Hey LauraEHunterMVP. I try and steer away from DOS commands where I can now, in an effort to force myself into Powershell. In any case VB is my prefered scripting for this type of thing. I have partly worked iit out by hacking up an old HTA script I've had for a while. Still... I continue to struggle :-(
0
 
LVL 18

Expert Comment

by:BSonPosh
ID: 20760623
I can provide a Powershell Script if your interested in that route.
0
 
LVL 18

Accepted Solution

by:
BSonPosh earned 2000 total points
ID: 20760938
Here is the Posh Code... it only took a second so I did anyway :)

This assumes you have a header row on the CSV with username,Password

MAN, I love Powershell.
foreach($user in (import-Csv C:\YourCSVFile.csv))
{
    Write-Host "Setting Password for $($User.username)"
    $ds = new-Object System.DirectoryServices.DirectorySearcher([ADSI]"","(&(objectcategory=user)(sAMAccountName=$($user.username)))")
    $usr = ($ds.Findone()).GetDirectoryEntry()
    $usr.SetPassword($user.password)
    $usr.SetInfo()
}

Open in new window

0
 
LVL 1

Author Closing Comment

by:jeffb67
ID: 31425560
The syntax in PS scares me a bit but given the size of the script compared to the VB equivalent, it's pretty impressive. Looks like it's back to school for me on PS. Thanks again... you're a life saver.
0
 
LVL 18

Expert Comment

by:BSonPosh
ID: 20761380
I understand that learning new things can be daunting.. if you have any questions please let me know.
0
 

Expert Comment

by:netmaster3620
ID: 25479475
When using the above powershell script I receive the following error:

Setting Password for CN=jsmith
You cannot call a method on a null-valued expression.
At :line:5 char:44
+     $usr = ($ds.Findone()).GetDirectoryEntry <<<< ()

The CSV File I am referencing is as follows:

username,Password
CN=jsmith,OU=MyUsers,DC=domain,DC=local,867530
0
 

Expert Comment

by:netmaster3620
ID: 34175623
I tested this and it worked great.  Thanks for the good work.  
0

Featured Post

[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question