Is there an easy way to change users passwords for over 100 staff? This is Active Directory. Win 2012/2016

We need to change over 100 users passwords.  Is there any easy way to do this.  We are using Active Directory, Win 2012 and 2016
J.R. SitmanIT DirectorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jeremy WeisingerSenior Network Consultant / EngineerCommented:
The Set-ADAccountPassword cmdlet can do it.

https://docs.microsoft.com/en-us/powershell/module/addsadministration/set-adaccountpassword?view=win10-ps

Is the list of users in a text file or something? It could be easily scripted with pulling from a text file or a query filter.
0
Exchange UserSystems AdministratorCommented:
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
If you use that gallery script, be sure to test it as it's only been validated on 2008 and 2008r2. Personally I would go with the Microsoft cmdlets over a custom module.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

J.R. SitmanIT DirectorAuthor Commented:
Thanks, but I have ZERO experience with Powershell.  I would not be comfortable running a script.
0
MilesLoganCommented:
hello , if you dont want to run a script ,, this is a GUI that will allow you to do this .. its very easy to use.

http://www.wisesoft.co.uk/software/bulkadusers/default.aspx
0
McKnifeCommented:
The latter tool might be the easiest way for you, but I strongly recommend to become familiar with PowerShell basics. You don't need to learn the whole thing, but invest in a beginners course or see if you can find online tutorials. For bulk operations, this is SO useful.

I have a question for you, nevertheless: what would you want to change the password to? Will those users get the same passwords? That is not advisable. If it's however not the same password, I will give you an example on how to proceed: On your DC, place a userlist (c:\temp\list.txt) and use this command on the command line:
for /f %a in (c:\temp\list.txt) do net user %a /random>>c:\temp\passwords_set.txt

Open in new window

This outputfile passwords_set.txt will be a list of all usernames and (randomly) generated passwords.

Please note that these passwords are 8 characters long, which might suffice for a short time, but in secure environments, should be changed to a longer password.
0
J.R. SitmanIT DirectorAuthor Commented:
We need to change the passwords because we believe our company Facebook page was hacked.  A few users got the email that they were using porn sites and to pay the bitcoins.

I will take your suggestion and try your example.
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Instead of setting everyone's password, I would send out information on how to come up with a good password and let everyone know that passwords will expire in n days. Then at the time chosen, set everyone's account to change at next logon. That can be done from Active Directory Users and Computers. Just select all the users you want to configure, right-click and choose properties... ForcePasswordReset.png
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
J.R. SitmanIT DirectorAuthor Commented:
not a bad idea, Jeremy
0
McKnifeCommented:
Be sure to enforce password complexity and password history policies at the same time.
0
J.R. SitmanIT DirectorAuthor Commented:
got it
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Password history, yes. Password complexity... no longer recommended.

From another post of mine:
NIST, FTC, and Microsoft (and others as well) have changed their password guidance. So unless this is a requirement of some regulation you need to follow, I would consider at the very least not implementing a password age requirement. You may also want to remove the complexity requirement too.  

More info:
https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes
https://www.microsoft.com/en-us/research/wp-content/uploads/2016/06/Microsoft_Password_Guidance-1.pdf

NIST’s draft guidelines is much more exhaustive and encompasses much more than just password recommendations.
http://www.csoonline.com/article/3195181/data-protection/vendors-approve-of-nist-password-draft.html
https://pages.nist.gov/800-63-3/sp800-63b.html
0
J.R. SitmanIT DirectorAuthor Commented:
Thanks for the article but I am going to set a password age requirement.
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
That is up to you but studies have shown that doing so will cause users to choose less secure passwords.
0
J.R. SitmanIT DirectorAuthor Commented:
Thanks to all for the help.  These solutions are easiest for me.
0
McKnifeCommented:
Please acknowledge that several other comments deserve credit because they made you aware of things and questioned things. It would be better to split points, then. Next time :-)
0
J.R. SitmanIT DirectorAuthor Commented:
sorry
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.