Solved

Script to enable all user accounts.

Posted on 2010-08-13
9
398 Views
Last Modified: 2012-05-10
Hi,

I need a script that will enable all user accounts in our domain.  Also I would like to set their account to not be able to change their passwords.

Thanks in advancce!!

Glenn
0
Comment
Question by:Beevas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 6

Expert Comment

by:Dangle79
ID: 33431990
not necessary unless you've got an insane number of user accounts

create a saved query in ADUC to return all users at the root OU for the users you wish to perform this action on.
(&(objectCategory=person)(objectClass=user)(name=*))

when the list gets populated, select all (ctrl+a) right-click, Enable Account
right-click, Properties, account tab, check box for User cannot change password
0
 
LVL 6

Expert Comment

by:Dangle79
ID: 33432007
there's a caveat to my caveat. i was able to get the account tab to load with all 2500+ of my users selected without ADUC barfing on it. So it should handle at least that many, just takes a bit to chew on all of it
0
 

Author Comment

by:Beevas
ID: 33432090
I have about 20,000 users......
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 6

Expert Comment

by:Dangle79
ID: 33432137
hmmm, yeah, that's a lot more
if it's a one time deal you could just select chunks at a time
i just veer away from scripting against my AD as i don't have a test domain. scares me
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 33435099
Hi, this would do that on a test OU:

dsquery user -limit 0 OU=Test,DC=Domain,DC=Com | dsmod -disabled no -canchpwd no
 
If that works successfully, just use

dsquery user -limit 0 DC=Domain,DC=Com | dsmod -disabled no -canchpwd no
to do the same thing for every user on the entire domain.
Regards,
Rob.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33440567
according to RobSampson's answer, you need to modify it a little bit if you want to use that syntax (small mistype, so it won't work)

dsquery user -name * -limit 0| dsmod user -disabled no -canchpwd no
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33442295
Oh yeah, thanks iSiek....forgot about the -name parameter.
Rob.
0
 

Author Comment

by:Beevas
ID: 33447741
Seems to work great when I specifiy a OU. But it doesnt seem to transverse the OU's when I just put in the domain....


Thanks
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33450201
Instead of just putting in the domain, use iSiek's command, which uses *
Regards,
Rob.
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question