Solved

Script to enable all user accounts.

Posted on 2010-08-13
9
397 Views
Last Modified: 2012-05-10
Hi,

I need a script that will enable all user accounts in our domain.  Also I would like to set their account to not be able to change their passwords.

Thanks in advancce!!

Glenn
0
Comment
Question by:Beevas
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 6

Expert Comment

by:Dangle79
ID: 33431990
not necessary unless you've got an insane number of user accounts

create a saved query in ADUC to return all users at the root OU for the users you wish to perform this action on.
(&(objectCategory=person)(objectClass=user)(name=*))

when the list gets populated, select all (ctrl+a) right-click, Enable Account
right-click, Properties, account tab, check box for User cannot change password
0
 
LVL 6

Expert Comment

by:Dangle79
ID: 33432007
there's a caveat to my caveat. i was able to get the account tab to load with all 2500+ of my users selected without ADUC barfing on it. So it should handle at least that many, just takes a bit to chew on all of it
0
 

Author Comment

by:Beevas
ID: 33432090
I have about 20,000 users......
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:Dangle79
ID: 33432137
hmmm, yeah, that's a lot more
if it's a one time deal you could just select chunks at a time
i just veer away from scripting against my AD as i don't have a test domain. scares me
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 33435099
Hi, this would do that on a test OU:

dsquery user -limit 0 OU=Test,DC=Domain,DC=Com | dsmod -disabled no -canchpwd no
 
If that works successfully, just use

dsquery user -limit 0 DC=Domain,DC=Com | dsmod -disabled no -canchpwd no
to do the same thing for every user on the entire domain.
Regards,
Rob.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33440567
according to RobSampson's answer, you need to modify it a little bit if you want to use that syntax (small mistype, so it won't work)

dsquery user -name * -limit 0| dsmod user -disabled no -canchpwd no
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33442295
Oh yeah, thanks iSiek....forgot about the -name parameter.
Rob.
0
 

Author Comment

by:Beevas
ID: 33447741
Seems to work great when I specifiy a OU. But it doesnt seem to transverse the OU's when I just put in the domain....


Thanks
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 33450201
Instead of just putting in the domain, use iSiek's command, which uses *
Regards,
Rob.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question