Automatically Set the pwdLastSet Attribute in Active Directory

Cedar Crest College
Cedar Crest College used Ask the Experts™
on
Is there any tool or script that can be used to touch the pwdLastSet attribute in Active Directory with the current time/date?

I know how to do it manually - but I have 1,600 accounts that need to be touched without actually resetting their passwords.

Any help would be greatly appreciated.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Architect
Distinguished Expert 2018
Commented:
what you can do, download tool like bulk ad users from wisesoft and add those all users as list thereand right click list and click on bulk update

There go to account tab and click "user must change password at next logon" and apply the changes

again select all users in list and from account tab undone changes done above, it will set password last set date to current date for all users

basically toggle Pwdlastset value to 0 first and -1 again

or you can use script

$allusers = Get-ADUser -Filter * -Properties PwdLastSet

foreach ($user in $allusers) {

$user.pwdlastset = 0

Set-ADUser -Instance $user

$user.pwdlastset = -1

Set-ADUser -Instance $user

}

Open in new window

Author

Commented:
Thank you!  I downloaded Bulk AD Users from Wisesoft, it did the trick!!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial