Link to home
Start Free TrialLog in
Avatar of itadminhelp
itadminhelpFlag for Australia

asked on

Bulk Password password reset

I need to reset password for all users except 1 user within Active directory.
All users are in same OU (organizational unit).

What is a easiest way to do it?

Environment is windows server 2008 and exchange 2010
Avatar of Deadman
Deadman
Flag of India image
The following PowerShell V1 script will reset the password for all users in a specified OU, and also expire the password so it must be changed at next logon:
 
# Specify the OU.
$OU = [ADSI]"LDAP://ou=West,dc=MyDomain,dc=com"

# Enumerate all objects in the OU.
$arrChildren = $OU.Get_Children()
ForEach ($User In $arrChildren)
{
    # Only consider user objects.
    If ($User.Class -eq "user")
    {
        # Set password.
        $User.Invoke("SetPassword", "pAs$w0rd")
        # Expire the password.
        $User.pwdLastSet = 0
        $User.SetInfo()
    }
}

Source:- https://social.technet.microsoft.com/Forums/windowsserver/en-US/b0c2e59f-522e-40a3-ab12-3a95d045d6a8/how-can-reset-password-of-bulk-users-in-one-time-through-ad-or-script?forum=winserverpowershell
Avatar of Deadman
Deadman
Flag of India image
Or use the following command in command line will achieve your desired result:

DSQUERY user "OU=myOU,OU=myUsers,DC=myDomain,DC=loc" -limit 0 | DSMOD user -pwd <insert new password here>

Replace "OU=myOU,OU=myUsers,DC=myDomain,DC=loc" with the distinguishedName of the OU containing the users to be changed
Avatar of Wasim Shaikh
Wasim Shaikh
Flag of United Arab Emirates image
I use this powershell code, for excluding few users.

$NewPassword = Read-Host -asSecureString "New Password"
$UserList = Get-ADUser -Filter * -SearchBase 'OU=OUName,DC=Domain,DC=com' | Where{$_.SAMAccountName -notlike '*username*'}
Foreach($User in $UserList){
 Set-ADAccountPassword -Identity $User.SAMAccountName -NewPassword $NewPassword
}

Open in new window

Avatar of itadminhelp
itadminhelp
Flag of Australia image

ASKER

Thanks guys,

I am really new to PowerShell and scripting. So, bit confused to follow this instruction.

When i look at my AD I see as follows.

Domain: abc.efg.local (For example)

Then I have OU called “Customers” then “Users” underneath that.

All users are in “Users”  OU. I do not want to reset password for just 1 user within that OU. Name of that user is “John” , say username is “john_user”.

I have opened up windows PowerShell on my windows 2008  server.

What do I do now?
How do I run script?
Do i have to type it line by line?
ASKER CERTIFIED SOLUTION
Avatar of Wasim Shaikh
Wasim Shaikh
Flag of United Arab Emirates image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial