I am trying to use powershell to reset all passwords to a specific organizational unit. I have tried many different ways to get it to work but it still won't output a result. What am I missing? Is it the script or the results that I have incorrect? Help would be appreciated. CODE:
Import-Module ActiveDirectory
$users = get-aduser -filter * -properties Name, PasswordNeverExpires |
where {$_.passwordNeverExpires -eq "true" } |
select-object Distinghuishedname,name,enabled
$password = ConvertTo-SecureString -AsPlainText "NewP@$$wOrd" -force
Foreach ($user in $users)
{
Get-ADAccountPassword -NewPassword $password -Rese
}
$Results = foreach($user in $users){
Set-ADAccountPassword -NewPassword $password -reset
}
$Results
CodePudding user response:
This is how you can reset the password for all users which's Password Never Expires is set to $true.
References for userAccountControl:1.2.840.113556.1.4.803:=65536:
Since Set-ADAccountPassword doesn't produce any Output, you can use -PassThru:
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
$password = ConvertTo-SecureString -AsPlainText 'NewP@$$wOrd' -Force
$param = @{
LDAPFilter = "(userAccountControl:1.2.840.113556.1.4.803:=65536)"
SearchBase = 'OU=myOU,DC=goes,DC=here'
}
$results = Get-ADUser @param |
Set-ADAccountPassword -NewPassword $password -Reset -PassThru
$results | Format-Table