Continuing from yesterday’s post today I’ll show you how manage and control users’ password settings using the Active directory PowerShell Module.
In this article I’m going to explore a few ways we can manage passwords using the AD Module, the first option Is setting a new password using the cmdlet below that will set a user name Dave with a new password:
Set-ADAccountPassword Dave -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "NewPass770" -Force -Verbose)
Note:
If you need to change the password to multiple users see my article, Change User Or Multiple Users Password Using PowerShell
I can also set the password to never expire using:
Set-ADUser dave -PasswordNeverExpires $true -PassThru
And force the user to change password at next logon:
Set-ADUser dave -ChangePasswordAtLogon $true -PassThru
And I can also set the user not to be able to change password:
Set-ADUser dave -CannotChangePassword $true -PassThru
I can also apply all of the above to all users under an OU as seen below:
Get-ADUser -Filter 'Name -like "*"' -SearchBase 'OU=dev,DC=test,DC=local' | Set-ADUser -PasswordNeverExpires $false -Verbose -PassThru