Thursday, March 21, 2013

Bulk reset of passwords

Recently, I had to reset a whole bunch of passwords. This can be easily done via PowerShell.

$Excludes = @('user1', 'user2')
$Password = ConvertTo-SecureString -AsPlainText -Force 'mypassword'
$SearchBase = "OU=Some OU,DC=Some DC,DC=Some DC"

Import-Module ActiveDirectory

Get-ADUser -Filter * -SearchBase $SearchBase | Where-Object {$Excludes -notcontains $_.SamAccountName} | Set-ADAccountPassword -NewPassword $Password


Then to check what was done:

Get-ADUser -Filter * -Properties SamAccountName, PasswordLastSet | Select-Object SamAccountName, PasswordLastSet | Sort-Object PasswordLastSet -Descending

No comments:

Post a Comment