Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 400
  • Last Modified:

Script to enable all user accounts.

Hi,

I need a script that will enable all user accounts in our domain.  Also I would like to set their account to not be able to change their passwords.

Thanks in advancce!!

Glenn
0
Beevas
Asked:
Beevas
  • 3
  • 3
  • 2
  • +1
1 Solution
 
Dangle79Commented:
not necessary unless you've got an insane number of user accounts

create a saved query in ADUC to return all users at the root OU for the users you wish to perform this action on.
(&(objectCategory=person)(objectClass=user)(name=*))

when the list gets populated, select all (ctrl+a) right-click, Enable Account
right-click, Properties, account tab, check box for User cannot change password
0
 
Dangle79Commented:
there's a caveat to my caveat. i was able to get the account tab to load with all 2500+ of my users selected without ADUC barfing on it. So it should handle at least that many, just takes a bit to chew on all of it
0
 
BeevasAuthor Commented:
I have about 20,000 users......
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Dangle79Commented:
hmmm, yeah, that's a lot more
if it's a one time deal you could just select chunks at a time
i just veer away from scripting against my AD as i don't have a test domain. scares me
0
 
RobSampsonCommented:
Hi, this would do that on a test OU:

dsquery user -limit 0 OU=Test,DC=Domain,DC=Com | dsmod -disabled no -canchpwd no
 
If that works successfully, just use

dsquery user -limit 0 DC=Domain,DC=Com | dsmod -disabled no -canchpwd no
to do the same thing for every user on the entire domain.
Regards,
Rob.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
according to RobSampson's answer, you need to modify it a little bit if you want to use that syntax (small mistype, so it won't work)

dsquery user -name * -limit 0| dsmod user -disabled no -canchpwd no
0
 
RobSampsonCommented:
Oh yeah, thanks iSiek....forgot about the -name parameter.
Rob.
0
 
BeevasAuthor Commented:
Seems to work great when I specifiy a OU. But it doesnt seem to transverse the OU's when I just put in the domain....


Thanks
0
 
RobSampsonCommented:
Instead of just putting in the domain, use iSiek's command, which uses *
Regards,
Rob.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now