Tuesday, 12 December 2017

Reset Office 365 User Password using PowerShell

As you know Office 365 user identities are stored in Azure Active Directory, we can use the Azure AD powershell cmdlet Set-MsolUserPassword to set password of a user. You may already used the Set-MsolUser cmdlet to update user properties but we can't use the same command to change password.

Note: Before proceed, Install and Configure Azure AD PowerShell and run the following command to connect Azure AD powershell module.
Import-Module MSOnline
$msolCred = Get-Credential
Connect-MsolService –Credential $msolCred


Set Password for Single User:

Run the below command to change the password for a single O365 user.
Set-MsolUserPassword –UserPrincipalName "user@domain.com" –NewPassword "pass@word1" -ForceChangePassword $False
Note: If you are Help Desk admin and you are resetting one time password for your end-user, you need to set the parameter -ForceChangePassword as $True, it will force the users to change their password from the portal the next time they sign-in.

You can find whether an user's password is set or not by getting user's password last set time by using Get-MsolUser cmdlet.
Get-MSOLUser -UserPrincipalName "user@domain.com" | Select DisplayName,LastPasswordChangeTimestamp

Change Password for Multiple Users:

In some scenarios, you might want to set temporary password for set of new users who are created in recent days. We can get the recently created users using Get-MsolUser cmdlet. The below command set temporary password for bulk users who are created in last 7 days, you can change the no of days or the Where filter as per your need.
Get-MsolUser -All | Where-Object { $_.WhenCreated –gt ([System.DateTime]::Now).AddDays(-7)} |
Set-MsolUserPassword –NewPassword "pass@word1" -ForceChangePassword $True

Reset Bulk Office 365 Users Password from CSV file

In some scenarios, we may required to set password for bulk azure ad users by importing user identities from csv file. Consider the CSV file office365users.csv which contains every user's userPrincipalName in each row with the column header UserPrincipalName.
Import-Csv 'C:\office365users.csv' | ForEach-Object {
$upn = $_."UserPrincipalName"
$tempPwd = "pass@word1"
Set-MsolUserPassword -UserPrincipalName $upn –NewPassword $tempPwd -ForceChangePassword $True


No comments:

Post a Comment