Solved

Bulk Password password reset

Posted on 2014-12-28
6
131 Views
Last Modified: 2015-03-16
I need to reset password for all users except 1 user within Active directory.
All users are in same OU (organizational unit).

What is a easiest way to do it?

Environment is windows server 2008 and exchange 2010
0
Comment
Question by:itadminhelp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 7

Expert Comment

by:Deadman
ID: 40521350
The following PowerShell V1 script will reset the password for all users in a specified OU, and also expire the password so it must be changed at next logon:
 
# Specify the OU.
$OU = [ADSI]"LDAP://ou=West,dc=MyDomain,dc=com"

# Enumerate all objects in the OU.
$arrChildren = $OU.Get_Children()
ForEach ($User In $arrChildren)
{
    # Only consider user objects.
    If ($User.Class -eq "user")
    {
        # Set password.
        $User.Invoke("SetPassword", "pAs$w0rd")
        # Expire the password.
        $User.pwdLastSet = 0
        $User.SetInfo()
    }
}

Source:- https://social.technet.microsoft.com/Forums/windowsserver/en-US/b0c2e59f-522e-40a3-ab12-3a95d045d6a8/how-can-reset-password-of-bulk-users-in-one-time-through-ad-or-script?forum=winserverpowershell
0
 
LVL 7

Expert Comment

by:Deadman
ID: 40521354
Or use the following command in command line will achieve your desired result:

DSQUERY user "OU=myOU,OU=myUsers,DC=myDomain,DC=loc" -limit 0 | DSMOD user -pwd <insert new password here>

Replace "OU=myOU,OU=myUsers,DC=myDomain,DC=loc" with the distinguishedName of the OU containing the users to be changed
0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 40521366
I use this powershell code, for excluding few users.

$NewPassword = Read-Host -asSecureString "New Password"
$UserList = Get-ADUser -Filter * -SearchBase 'OU=OUName,DC=Domain,DC=com' | Where{$_.SAMAccountName -notlike '*username*'}
Foreach($User in $UserList){
 Set-ADAccountPassword -Identity $User.SAMAccountName -NewPassword $NewPassword
}

Open in new window

0
Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

 

Author Comment

by:itadminhelp
ID: 40522981
Thanks guys,

I am really new to PowerShell and scripting. So, bit confused to follow this instruction.

When i look at my AD I see as follows.

Domain: abc.efg.local (For example)

Then I have OU called “Customers” then “Users” underneath that.

All users are in “Users”  OU. I do not want to reset password for just 1 user within that OU. Name of that user is “John” , say username is “john_user”.

I have opened up windows PowerShell on my windows 2008  server.

What do I do now?
How do I run script?
Do i have to type it line by line?
0
 
LVL 7

Expert Comment

by:Deadman
ID: 40523160
0
 
LVL 12

Accepted Solution

by:
Vaseem Mohammed earned 500 total points
ID: 40523165
$NewPassword = Read-Host -asSecureString "New Password"
$UserList = Get-ADUser -Filter * -SearchBase 'OU=Users,OU=customers,DC=Abc,DC=efg,DC=Local' | Where{$_.SAMAccountName -notlike '*John_user*'}
Foreach($User in $UserList){
 Set-ADAccountPassword -Identity $User.SAMAccountName -NewPassword $NewPassword
}
This should work.
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every system administrator encounters once in while in a problem where the solution seems to be a needle in haystack.  My needle was an anti-virus version causing problems with my Exchange server. I have an HP DL350 with Windows Server 2008 Stand…
1. Boot PC and press F10, select storage options and change the compatibility from “AHCI” to “IDE”, save and exit 2. Boot PC and press F12 3. Upon PXE display of searching for DHCP server, press Pause break to obtain MAC address 3. Open Configu…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question