Tuesday, 18 November 2014

Reset AD User Password using Powershell script

In this article, I am going write Powershell script samples to Reset AD user Password and Reset Bulk AD user's Password from CSV file. You can change and reset an Active Directory account password using the Powershell cmdlet Set-ADAccountPassword.

Change Password Syntax:
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] [-OldPassword <SecurePwd>]
Reset Password Syntax:
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] -Reset
- The Identity parameter specifies the Active Directory user account which you want to reset password.

Summary:


Reset AD User Password using Powershell cmdlet

You can reset a single Active Directory user password using below powershel command by passing user's samAccountName, you can also use user's GUID or DN instead of samAccountName.
Import-Module ActiveDirectory
# Set the new password
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force 
Set-ADAccountPassword -Identity Smith -NewPassword $newPassword -Reset

Reset set of Active Directory User's Password

The below powershell command reset all the user's password from TestOU because I have used this LDAP filter '(name=*)'. You can use your own LDAPfilter and SearchBase to select set of users to reset password.
Import-Module ActiveDirectory
$newPassword = ConvertTo-SecureString -AsPlainText “MyP@ssw0rd” -Force 
Get-ADUser -LDAPfilter '(name=*)'`
  -SearchBase "OU=TestOU,DC=TestDomain,DC=local" | 
Set-ADAccountPassword  -NewPassword $newPassword -Reset

Bulk AD Users Password Reset from CSV

   1. Consider the CSV file ADUsers.csv (Ex file: Download ADUsers.csv) which contains set of Active Directory users to reset password with the attribute samAccountName.

Reset Bulk AD Users Password from CSV using Powershell script

   2. Copy the below Powershell script and paste in Notepad file.
   3. Change the ADUsers.csv file path with your own csv file path.
   4. SaveAs the Notepad file with the extension .ps1 like Reset-Bulk-AD-Users-Pwd-FromCSV.ps1

Powershell script as file: Download Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Import-Module ActiveDirectory
# Set the new password
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force 
# Import users from CSV
Import-Csv "C:\Scripts\ADUsers.csv" | ForEach-Object {
 $samAccountName = $_."samAccountName" 

# Reset user password.
Set-ADAccountPassword -Identity $samAccountName -NewPassword $newPassword -Reset

# Force user to reset password at next logon.
# Remove this line if not needed for you
Set-AdUser -Identity $samAccountName -ChangePasswordAtLogon $true
Write-Host " AD Password has been reset for: "$samAccountName
}
   5. Now run the file Reset-Bulk-AD-Users-Pwd-FromCSV.ps1 from Powershell command to reset bulk AD user's password from CSV file.
PS C:\Scripts>  .\Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Modify Bulk AD Users Password from CSV using Powershell script

Thanks,
Morgan

Advertisements
Advertisements

No comments:

Post a Comment