Automatically Set the pwdLastSet Attribute in Active Directory

Cedar Crest College
Cedar Crest College used Ask the Experts™
Is there any tool or script that can be used to touch the pwdLastSet attribute in Active Directory with the current time/date?

I know how to do it manually - but I have 1,600 accounts that need to be touched without actually resetting their passwords.

Any help would be greatly appreciated.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2018
what you can do, download tool like bulk ad users from wisesoft and add those all users as list thereand right click list and click on bulk update

There go to account tab and click "user must change password at next logon" and apply the changes

again select all users in list and from account tab undone changes done above, it will set password last set date to current date for all users

basically toggle Pwdlastset value to 0 first and -1 again

or you can use script

$allusers = Get-ADUser -Filter * -Properties PwdLastSet

foreach ($user in $allusers) {

$user.pwdlastset = 0

Set-ADUser -Instance $user

$user.pwdlastset = -1

Set-ADUser -Instance $user


Open in new window


Thank you!  I downloaded Bulk AD Users from Wisesoft, it did the trick!!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial