Wednesday, 26 November 2014

Reset Bulk AD Users Password from CSV with Powershell

In this article, I am going write Powershell script samples to Reset Bulk AD User's Password from CSV file and Reset set of Active Directory User's Password. You can reset an Active Directory account password using the Powershell cmdlet Set-ADAccountPassword.

Reset Password Syntax:
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] -Reset
- The Identity parameter specifies the Active Directory user account which you want to reset password.

Reset Bulk AD Users Password from CSV

   1. Consider the CSV file ADUsers.csv (Ex file: Download ADUsers.csv) which contains set of Active Directory users to reset password with the attribute samAccountName.

Reset Bulk AD Users Password from CSV using Powershell script

   2. Copy the below Powershell script and paste in Notepad file.
   3. Change the ADUsers.csv file path with your own csv file path.
   4. SaveAs the Notepad file with the extension .ps1 like Reset-Bulk-AD-Users-Pwd-FromCSV.ps1

Powershell script as file: Download Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Import-Module ActiveDirectory
# Set the new password
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force 
# Import users from CSV
Import-Csv "C:\Scripts\ADUsers.csv" | ForEach-Object {
 $samAccountName = $_."samAccountName" 

# Reset user password.
Set-ADAccountPassword -Identity $samAccountName -NewPassword $newPassword -Reset

# Force user to reset password at next logon.
# Remove this line if not needed for you
Set-AdUser -Identity $samAccountName -ChangePasswordAtLogon $true
Write-Host " AD Password has been reset for: "$samAccountName
}
   5. Now run the file Reset-Bulk-AD-Users-Pwd-FromCSV.ps1 from Powershell command to reset bulk AD user's password from CSV file.
PS C:\Scripts>  .\Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Modify Bulk AD Users Password from CSV using Powershell script


Reset set of Active Directory User's Password

The below powershell command reset all the user's password from TestOU because I have used this LDAP filter '(name=*)'. You can use your own LDAPfilter and SearchBase to select set of users to reset password.
Import-Module ActiveDirectory
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force 
Get-ADUser -LDAPfilter '(name=*)'`
  -SearchBase "OU=TestOU,DC=TestDomain,DC=local" | 
Set-ADAccountPassword  -NewPassword $newPassword -Reset

Advertisements
Advertisements

5 comments:

  1. Replies
    1. Hi Mark, can u explain what kind of details u want?

      Delete
  2. Howto execute this script for randomized passwords? I mean, each user has to get a unique password?

    ReplyDelete
    Replies
    1. check this article to generate random ad password: http://www.morgantechspace.com/2016/03/generate-random-password-for-ad-using-powershell.html

      Delete
  3. Thanks a lot for posting.

    You made it quite simple to understand.

    Well done ;-)

    ReplyDelete