Bulk Password password reset

I need to reset password for all users except 1 user within Active directory.
All users are in same OU (organizational unit).

What is a easiest way to do it?

Environment is windows server 2008 and exchange 2010
Who is Participating?
Vaseem MohammedConnect With a Mentor Commented:
$NewPassword = Read-Host -asSecureString "New Password"
$UserList = Get-ADUser -Filter * -SearchBase 'OU=Users,OU=customers,DC=Abc,DC=efg,DC=Local' | Where{$_.SAMAccountName -notlike '*John_user*'}
Foreach($User in $UserList){
 Set-ADAccountPassword -Identity $User.SAMAccountName -NewPassword $NewPassword
This should work.
DeadmanIT ConsultantCommented:
The following PowerShell V1 script will reset the password for all users in a specified OU, and also expire the password so it must be changed at next logon:
# Specify the OU.
$OU = [ADSI]"LDAP://ou=West,dc=MyDomain,dc=com"

# Enumerate all objects in the OU.
$arrChildren = $OU.Get_Children()
ForEach ($User In $arrChildren)
    # Only consider user objects.
    If ($User.Class -eq "user")
        # Set password.
        $User.Invoke("SetPassword", "pAs$w0rd")
        # Expire the password.
        $User.pwdLastSet = 0

Source:- https://social.technet.microsoft.com/Forums/windowsserver/en-US/b0c2e59f-522e-40a3-ab12-3a95d045d6a8/how-can-reset-password-of-bulk-users-in-one-time-through-ad-or-script?forum=winserverpowershell
DeadmanIT ConsultantCommented:
Or use the following command in command line will achieve your desired result:

DSQUERY user "OU=myOU,OU=myUsers,DC=myDomain,DC=loc" -limit 0 | DSMOD user -pwd <insert new password here>

Replace "OU=myOU,OU=myUsers,DC=myDomain,DC=loc" with the distinguishedName of the OU containing the users to be changed
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Vaseem MohammedCommented:
I use this powershell code, for excluding few users.

$NewPassword = Read-Host -asSecureString "New Password"
$UserList = Get-ADUser -Filter * -SearchBase 'OU=OUName,DC=Domain,DC=com' | Where{$_.SAMAccountName -notlike '*username*'}
Foreach($User in $UserList){
 Set-ADAccountPassword -Identity $User.SAMAccountName -NewPassword $NewPassword

Open in new window

itadminhelpAuthor Commented:
Thanks guys,

I am really new to PowerShell and scripting. So, bit confused to follow this instruction.

When i look at my AD I see as follows.

Domain: abc.efg.local (For example)

Then I have OU called “Customers” then “Users” underneath that.

All users are in “Users”  OU. I do not want to reset password for just 1 user within that OU. Name of that user is “John” , say username is “john_user”.

I have opened up windows PowerShell on my windows 2008  server.

What do I do now?
How do I run script?
Do i have to type it line by line?
DeadmanIT ConsultantCommented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.