How to force users to change NT password

Hello,

Is there a way to run a script, command or something to force users to change their NT password on their next logon? We can force it by checking the box under Account tab on Users/Computers but it will be hard to do that with over 500 users.

Thank you in advance!
Help DeskLFAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
WebDevEMConnect With a Mentor Commented:
Hi,

I would look at PowerShell for that... there's a conversation at http://community.spiceworks.com/topic/336109-need-to-force-all-users-to-change-password-at-next-logon which has some good discussion and examples.  The basic idea is this:
get-aduser -Filter * -SearchBase "OU=Users,DC=example,DC=com" | set-aduser -ChangePasswordAtLogon $True

Open in new window


Hope this gets you on the right track - I'm fairly new to PS scripting, but that seems to be the way to go for something like this.

WebDevEM
0
 
becraigCommented:
you should be able to do this with set-aduser

Something like below should work.
What it does principally is set the flag to 0 so the user has to change their password the next time they login.
import-module ac*
gc users.csv | %{
$samaccountname = $_
Get-ADUser $samaccountname -Properties pwdLastSet   | Set-ADUser -Instance $_.pwdLastSet = 0 
}

Open in new window


One of the PS gurus could probably make this a lot cleaner but that is the idea
0
 
becraigCommented:
you can also if you have the user SAM accounts run

import-module ac*
gc users.csv | %{
$samaccountname = $_
Set-ADUser -Identity $samaccountname -ChangePasswordAtNextLogon $true
}
0
All Courses

From novice to tech pro — start learning today.