?
Solved

How to force users to change NT password

Posted on 2014-04-23
3
Medium Priority
?
272 Views
Last Modified: 2014-04-23
Hello,

Is there a way to run a script, command or something to force users to change their NT password on their next logon? We can force it by checking the box under Account tab on Users/Computers but it will be hard to do that with over 500 users.

Thank you in advance!
0
Comment
Question by:Help DeskLF
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 40018457
you should be able to do this with set-aduser

Something like below should work.
What it does principally is set the flag to 0 so the user has to change their password the next time they login.
import-module ac*
gc users.csv | %{
$samaccountname = $_
Get-ADUser $samaccountname -Properties pwdLastSet   | Set-ADUser -Instance $_.pwdLastSet = 0 
}

Open in new window


One of the PS gurus could probably make this a lot cleaner but that is the idea
0
 
LVL 9

Accepted Solution

by:
WebDevEM earned 1600 total points
ID: 40018458
Hi,

I would look at PowerShell for that... there's a conversation at http://community.spiceworks.com/topic/336109-need-to-force-all-users-to-change-password-at-next-logon which has some good discussion and examples.  The basic idea is this:
get-aduser -Filter * -SearchBase "OU=Users,DC=example,DC=com" | set-aduser -ChangePasswordAtLogon $True

Open in new window


Hope this gets you on the right track - I'm fairly new to PS scripting, but that seems to be the way to go for something like this.

WebDevEM
0
 
LVL 29

Expert Comment

by:becraig
ID: 40018475
you can also if you have the user SAM accounts run

import-module ac*
gc users.csv | %{
$samaccountname = $_
Set-ADUser -Identity $samaccountname -ChangePasswordAtNextLogon $true
}
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question