Table of Contents
Question
I have a CSV file that looks like this:
Name,Logon Name ,Password
Christopher Smith,Csmith,Peacemaker1234
Emilia Harcourt,EHarcourt,Agent1234
Adrian Chase,AChase,Vigilante1234
I need the PowerShell script which will reset the password for all users in specified OU.
To change and reset an Active Directory user account password using the PowerShell cmdlet Set-ADAccountPassword
Change Password Syntax
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] [-OldPassword <SecurePwd>]
Reset Password Syntax
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] -Reset
Note: The Identity parameter specifies the Active Directory user account which you want to reset password.
Solution 1: PowerShell script to bulk reset AD user’s password
Import-Module ActiveDirectory
# Import users from CSV
Import-Csv "C:\ScriptsADUsers.csv" | ForEach-Object {
$samAccountName = $_."Logon Name"
# Importpassword and set to securestring
$Password = $_."Password"
$newPassword = ConvertTo-SecureString -AsPlainText $Password -Force
# Reset user password.
Set-ADAccountPassword -Identity $samAccountName -NewPassword $newPassword -Reset
# Force user to reset password at next logon.
# Remove this line if not needed for you
Set-AdUser -Identity $samAccountName -ChangePasswordAtLogon $true
Write-Host " AD Password has been reset for: "$samAccountName
}
Solution 2: PowerShell script to bulk reset AD user’s password
Step 1: Create a CSV file called ADUsers.csv which contains set of Active Directory users to reset password with the attribute samAccountName.
Step 2: Copy the following PowerShell script and paste in Notepad file:
Import-Module ActiveDirectory
# Set the new password
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force
# Import users from CSV
Import-Csv "C:\ScriptsADUsers.csv" | ForEach-Object {
$samAccountName = $_."samAccountName"
#Un-comment the below line if your CSV file includes password for all users
#$newPassword = ConvertTo-SecureString -AsPlainText $_."Password" -Force
# Reset user password.
Set-ADAccountPassword -Identity $samAccountName -NewPassword $newPassword -Reset
# Force user to reset password at next logon.
# Remove this line if not needed for you
Set-AdUser -Identity $samAccountName -ChangePasswordAtLogon $true
Write-Host " AD Password has been reset for: "$samAccountName
}
Note: Change the ADUsers.csv file path with your own csv file path.
Step 3: Save the Notepad file with the extension .ps1 like Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Step 4: Double-click on the file Reset-Bulk-AD-Users-Pwd-FromCSV.ps1 to bulk reset AD user’s password from CSV file. Alternatively, you can execute the following command:
PS C:Scripts> .Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Solution 3: Reset single AD user’s password using Powershell cmdlet
Reset a single Active Directory user’s password using the following PowerShell command by passing user’s samAccountName, user’s GUID or DN instead of samAccountName.
Import-Module ActiveDirectory
# Set the new password
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force
Set-ADAccountPassword -Identity Smith -NewPassword $newPassword -Reset
Solution 4: Reset group of Active Directory user’s password in specified OU
Execute the following PowerShell command to reset all the user’s password in specified OU using LDAP filter ‘(name=*)‘ or SearchBase to select set of users to reset password.
Import-Module ActiveDirectory
$newPassword = ConvertTo-SecureString -AsPlainText “MyP@ssw0rd” -Force
Get-ADUser -LDAPfilter '(name=*)'`
-SearchBase "OU=TestOU,DC=TestDomain,DC=local" |
Set-ADAccountPassword -NewPassword $newPassword -Reset