David Sankovsky
asked on
Locate all mailboxes with a certain password
Hello Experts,
A couple of days ago, we "Inherited" a multi UPN Exchange 2010 environment (Complete with the accompanying DC and everything).
A short discussion with the previous Helpdesk Team let me into a horrifying fact, about 90% or so of all users have the same password!
I need a script that will run over the entire DC, and will try (Only once) to login into each mailbox with the password in question and will tell me which usersnames (And their respective email addresses) are using said password - exported into CSV. is that at all possible?
A couple of days ago, we "Inherited" a multi UPN Exchange 2010 environment (Complete with the accompanying DC and everything).
A short discussion with the previous Helpdesk Team let me into a horrifying fact, about 90% or so of all users have the same password!
I need a script that will run over the entire DC, and will try (Only once) to login into each mailbox with the password in question and will tell me which usersnames (And their respective email addresses) are using said password - exported into CSV. is that at all possible?
ASKER
Hi, McKnife, Thanks for your comment!
Well the passwords Are identical, but I do need it in to exported into a single CSV or Excel file which will include usernames and associated email addresses - not to mention I don't have a text file of all users.
Further, I don't have a share (Nor do I wish to open one) for all the users until I've fixed the issue at hand!
Well the passwords Are identical, but I do need it in to exported into a single CSV or Excel file which will include usernames and associated email addresses - not to mention I don't have a text file of all users.
Further, I don't have a share (Nor do I wish to open one) for all the users until I've fixed the issue at hand!
ASKER
I've found something that might work, But I need help with getting it to run through ALL the users in the AD, and to output the username and the associated email address into CSV:
function Test-ADCredential {
[CmdletBinding()]
Param
(
[string]$UserName,
[string]$Password
)
if (!($UserName) -or !($Password)) {
Write-Warning 'Test-ADCredential: Please specify both user name and password'
} else {
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
$DS.ValidateCredentials($UserName, $Password)
}
}
Using the function you have, you could use this script from the Exchange Management Shell. Change the PWDtest variable to the password you're testing for.
$PWDtest = 'P@$$w0rd!'
function Test-ADCredential {
[CmdletBinding()]
Param
(
[string]$UserName,
[string]$Password
)
if (!($UserName) -or !($Password)) {
Write-Warning 'Test-ADCredential: Please specify both user name and password'
} else {
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
$DS.ValidateCredentials($UserName, $Password)
}
}
Get-User -ResultSize Unlimited | % {
If(Test-ADCredential -UserName $_.SamAccountName -Password $PWDtest){
$_ | Select SamAccountName,WindowsEmailAddress | Export-Csv C:\Results.csv -NoTypeInformation -Append
}
}
ASKER
I tried Running the script And, well.. it sorta worked, but it threw an error on the append switch - and when I checked the documentation it really doesn't exists
When I tried Running it without the Append switch, the CSV only returned one line
Any Ideas?
ForEach-Object : A parameter cannot be found that matches parameter name 'Append'.
At C:\Users\gnsadmin\Desktop\Password.p s1:20 char:35
+ Get-User -ResultSize Unlimited | % <<<< {
+ CategoryInfo : InvalidArgument: (:) [ForEach-Object], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.Pow erShell.Co mmands.For EachObject Command
When I tried Running it without the Append switch, the CSV only returned one line
Any Ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Worked like a charm. Thank you very much!
Open in new window
This will create a textfile for each user that uses this password in \\server\anothershare\