Solved

powershells cript to modify password for AD users from csv file

Posted on 2013-12-04
13
5,615 Views
Last Modified: 2013-12-11
hello,

i have windows 2008 r2 domain controller

i need a powershell script to modify an AD user password from csv file.

the csv are in this form:

user1,password
user2,password
....
where user1 is a samacountname.

if possible i need a log file to see if it sucess like this:

user1, password changed
user2,password changed
user3, password not changed (for exemple if not respect password policy)


thanks for help
0
Comment
Question by:cawasaki
  • 5
  • 3
  • 2
  • +2
13 Comments
 
LVL 19

Expert Comment

by:jss1199
Comment Utility
I use Quest's (now Dell) AD cmdlets (freeware) - http://www.quest.com/powershell/activeroles-server.aspx

$changepass = Import-csv "C:\new_user_pass.csv"

foreach($line in $changepass) {set-QADUser $line.username -UserPassword $line.password } 

Open in new window

0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 250 total points
Comment Utility
You can accomplish this with built-in cmdlets from Active Directory. Use the below script below...

Import-Module activedirectory
$Resetpassword = Import-Csv "c:\PassChange.csv"
foreach ($Account in $Resetpassword) {
$Account.sAMAccountName
$Account.Password
Set-ADAccountPassword -Identity $Account.sAMAccountName -NewPassword (ConvertTo-SecureString $Account.Password -AsPlainText -force)
}

Open in new window


Create your CSV files with the following headings...

sAMAccountName    Password
jdoe                           P@ssword
etc...

Will.
0
 

Author Comment

by:cawasaki
Comment Utility
@spec01

the file must be in this form: ???

sAMAccountName,Password
jdoe,password
steph,password
....

???

and for log file?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
Comment Utility
The sAMAccountName and Password are headings in the CSV file (column A would be sAMAccountName comlum B would be Password). There are no "," between the headings, they are heading for different columns. You then put the respective names/passwords under each heading.

As for the logging, if the password change fails you will get an error stating the name where it failed in the powershell window.

Will.
0
 

Author Comment

by:cawasaki
Comment Utility
hi,

sorry i dont understand, in the csv file you put many space:

sAMAccountName    Password
jdoe                           P@ssword
etc...

may be it an excel file?
0
 
LVL 19

Expert Comment

by:jss1199
Comment Utility
You may create the file in excel, the the two columns specified.  Simply save as type CSV
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 53

Expert Comment

by:Will Szymkowski
Comment Utility
I put spaces in my post on here to illustrate the sepration between the columns. In Excel (saved as a CSV file) you have columns A B C D etc. Use the first 2 columns A and B and put in your headings as i have described above. Continue this pattern for the actual users and passwords under there respective headings.

Will.
0
 

Author Comment

by:cawasaki
Comment Utility
Ok i will test.
Its possible to get a log file because if i lunsh the script for 100 account i cannot see all pn screen :)
Thanks for help
0
 
LVL 39

Accepted Solution

by:
footech earned 250 total points
Comment Utility
I modified Spec01's script a bit to add the logging, and also added the -reset switch needed by Set-ADAccountPassword when not providing the old password.
Import-Module activedirectory
Import-Csv "PassChange.csv" | Foreach {
    $user = $_.sAMAccountName
    $pw = $_.Password
    try {
        Set-ADAccountPassword -Identity $user -NewPassword (ConvertTo-SecureString $pw -AsPlainText -force) -Reset
        Write-Output "$user,Success"
    } catch {
        Write-Output "$user,Error"
    }
} | Out-File PassChange.log

Open in new window

1
 
LVL 3

Expert Comment

by:Detlef001
Comment Utility
0
 

Author Comment

by:cawasaki
Comment Utility
hello,

so i have an excel file, i put a column to samaccountname and one for password, after that i need to save file to csv, but i have many csn file option like csv dos, csv macintosh...

wish one i choose?

thanks
0
 
LVL 39

Expert Comment

by:footech
Comment Utility
Probably doesn't make a difference, but I wouldn't choose the Mac one.  Either ".CSV (Comma delimited)" or ".CSV (MS-DOS)" should work for you.
0
 

Author Closing Comment

by:cawasaki
Comment Utility
thank you
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
"Migrate" an SMTP relay receive connector to a new server using info from an old server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now