PowerShell: force password change at the next logon for multiple users

I'm new to PowerShell and am still learning the ropes. I want to create a script for work so that I can force a change at the next logon for many users.

I have this:

Set-ADAccountPassword -Identity -ChangePasswordAtLogon:$True -path 'C:\users\mohahigg\desktop\userpassword.txt' (ConvertTo-SecureString 'password2022' -AsPlainText -Force)

I know it's not the best, but what went wrong (in detail), and how can I fix it?



Solution 1:[1]

First, you need to extract the username from the text file. You've chosen an odd way of doing it. If it's just one user, you could simply write the name in the command instead of in a file. However, we will get the username and set it in the $user variable:

$user = Get-Content 'C:\users\mohahigg\desktop\userpassword.txt'

Next, we will reset the user's password.

  • -Path is not a valid parameter for the Set-ADAccountPassword command
  • -ChangePasswordAtLogon is also not a valid parameter

See all parameters in the official documentation: Set-ADAccountPassword

Set-ADAccountPassword -Identity $user -NewPassword (ConvertTo-SecureString 'password2022' -AsPlainText -Force) -Reset

Lastly, we will force the password change at the next logon, which is done in another command, Set-ADUser. See the official documentation for this: Set-ADUser.

Set-ADUser -Identity $user -ChangePasswordAtLogon $true

Putting it all together:

$user = Get-Content 'C:\users\mohahigg\desktop\userpassword.txt'
Set-ADAccountPassword -Identity $user -NewPassword (ConvertTo-SecureString 'password2022' -AsPlainText -Force) -Reset
Set-ADUser -Identity $user -ChangePasswordAtLogon $true
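
The script above handles a single name. The version below is an added example, not part of the original answer: it loops over every line of the file and gives each account its own random temporary password instead of one shared hard-coded value. The file path, the one-sAMAccountName-per-line layout and the helper name New-TempPassword are assumptions.

```powershell
#Requires -Modules ActiveDirectory
# Added example. Assumptions: $UserListPath is a hypothetical file with one
# sAMAccountName per line; the caller may reset passwords for these accounts.
param([string]$UserListPath = 'C:\temp\users.txt')

function New-TempPassword {
    param([int]$Length = 16)
    # 64 symbols: 256 is a multiple of 64, so ($byte % 64) is unbiased.
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        do {
            $bytes = New-Object byte[] $Length
            $rng.GetBytes($bytes)
            $candidate = -join ($bytes | ForEach-Object { $alphabet[$_ % 64] })
            # Retry until upper, lower and digit are all present (typical complexity rule).
        } until ($candidate -cmatch '[A-Z]' -and $candidate -cmatch '[a-z]' -and $candidate -match '\d')
    } finally {
        $rng.Dispose()
    }
    $candidate
}

$results = foreach ($line in Get-Content -Path $UserListPath) {
    $name = $line.Trim()
    if (-not $name) { continue }            # skip blank lines
    $plain = New-TempPassword
    $reset = $false
    try {
        $secure = ConvertTo-SecureString $plain -AsPlainText -Force
        Set-ADAccountPassword -Identity $name -NewPassword $secure -Reset -ErrorAction Stop
        $reset = $true
        # Fails for accounts with PasswordNeverExpires set; reported below.
        Set-ADUser -Identity $name -ChangePasswordAtLogon $true -ErrorAction Stop
        [pscustomobject]@{ User = $name; TempPassword = $plain; Status = 'OK' }
    } catch {
        # Keep the password if the reset itself succeeded, so the account is not orphaned.
        [pscustomobject]@{
            User         = $name
            TempPassword = $(if ($reset) { $plain })
            Status       = "FAILED: $($_.Exception.Message)"
        }
    }
}
$results | Format-Table -AutoSize
```

A row with a FAILED status and a non-empty TempPassword means the reset went through but the change-at-logon flag was not set, so that account needs a follow-up.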

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Peter Mortensen