mnoisette
asked on
Active Directory Script
I imported 50 or so users to an OU called Test using CSVDE. Once they were imported, all of the accounts were disabled and of course no passwords were added.
I need a script to do the following three things:
1. Enable all the accounts in that OU
2. Create a default password for all those users in that OU
3. Set the password property to "Password never expires" for all the users in that OU
I need a script to do the following three things:
1. Enable all the accounts in that OU
2. Create a default password for all those users in that OU
3. Set the password property to "Password never expires" for all the users in that OU
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If using dsmod you will need to set a password before you enable the account
dsmod -pwd NewPassword
dsmod -pwd NewPassword
ASKER
Foreach ($user in (get-qaduser -searchroot "OU=New_Users,DC=DOMAIN,DC =LOCAL"){
Set-qaduser $User -userpassword 'Password1' -passwordneverexpires:$Tru e -enabled:$true
enable-qaduser $User
}
I'm getting an error when I run this... Can you check to see if there maybe a syntax problem?
Set-qaduser $User -userpassword 'Password1' -passwordneverexpires:$Tru
enable-qaduser $User
}
I'm getting an error when I run this... Can you check to see if there maybe a syntax problem?
What error are you getting? Did you change the base OU to search?
Try this one, i did have a syntax error and forgot to remove one thing from the post.
Foreach ($user in (get-qaduser -searchroot "OU=New_Users,DC=DEVLAB,DC=LOCAL")){
Set-qaduser $User -userpassword 'Password1' -passwordneverexpires:$True
enable-qaduser $User
}
ASKER
PS C:\Documents and Settings\mnoisette> Foreach ($user in (get-qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca l"){Set-qu a
duser $User -userpassword 'P@ssw0rd' -passwordneverexpires:$Tru e -enabled:$True enable-qaduser $User}
Unexpected token '{' in expression or statement.
At line:1 char:74
+ Foreach ($user in (get-qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca l"){ <<<< Set-quaduser $User -userpassword 'P@ssw0rd' -passwordneverexpires:$Tru e -enabled:$True enable-qaduser $User}
+ CategoryInfo : ParserError: ({:String) [], ParentContainsErrorRecordE xception
+ FullyQualifiedErrorId : UnexpectedToken
PS C:\Documents and Settings\mnoisette>
duser $User -userpassword 'P@ssw0rd' -passwordneverexpires:$Tru
Unexpected token '{' in expression or statement.
At line:1 char:74
+ Foreach ($user in (get-qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca
+ CategoryInfo : ParserError: ({:String) [], ParentContainsErrorRecordE
+ FullyQualifiedErrorId : UnexpectedToken
PS C:\Documents and Settings\mnoisette>
ASKER
This is the error that I am still getting....
PS C:\Documents and Settings\mnoisette> Foreach ($user in(get -qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca l")){Set -qaduser $user -userpassword 'P@ssw0rd' -passwordneverexpires:$Tru e enable -qaduser $True}
The term 'get' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:22
+ Foreach ($user in(get <<<< -qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca l")){Set -qaduser $user -userpassword 'P@s
sw0rd' -passwordneverexpires:$Tru e enable -qaduser $True}
+ CategoryInfo : ObjectNotFound: (get:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
PS C:\Documents and Settings\mnoisette> Foreach ($user in(get -qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca
The term 'get' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:22
+ Foreach ($user in(get <<<< -qaduser -searchroot "OU=Test,DC=SCRBC2,DC=Loca
sw0rd' -passwordneverexpires:$Tru
+ CategoryInfo : ObjectNotFound: (get:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
It looks like there is a space between "get" and "-qaduser"
and same with set-qaduser
and same with set-qaduser
should also do the job without powershell.
If it's not working, start with the first command (dsquery). This will show you the list of the 50 users. When this one works, add dsmod.