Change Password Syntax:
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] [-OldPassword <SecurePwd>]
Reset Password Syntax:
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] -Reset
– The Identity parameter specifies the Active Directory user account which you want to reset password.
Summary:
Reset AD User Password using Powershell cmdlet
You can reset a single Active Directory user password using below powershel command by passing user’s samAccountName, you can also use user’s GUID or DN instead of samAccountName.
Import-Module ActiveDirectory # Set the new password $newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force Set-ADAccountPassword -Identity Smith -NewPassword $newPassword -Reset
Reset set of Active Directory User’s Password
The below powershell command reset all the user’s password from TestOU because I have used this LDAP filter ‘(name=*)‘. You can use your own LDAPfilter and SearchBase to select set of users to reset password.
Import-Module ActiveDirectory $newPassword = ConvertTo-SecureString -AsPlainText “MyP@ssw0rd” -Force Get-ADUser -LDAPfilter '(name=*)'` -SearchBase "OU=TestOU,DC=TestDomain,DC=local" | Set-ADAccountPassword -NewPassword $newPassword -Reset
Bulk AD Users Password Reset from CSV
1. Consider the CSV file ADUsers.csv (Ex file: Download ADUsers.csv) which contains set of Active Directory users to reset password with the attribute samAccountName.
2. Copy the below Powershell script and paste in Notepad file.
3. Change the ADUsers.csv file path with your own csv file path.
4. SaveAs the Notepad file with the extension .ps1 like Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Powershell script as file: Download Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Import-Module ActiveDirectory # Set the new password $newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force # Import users from CSV Import-Csv "C:\ScriptsADUsers.csv" | ForEach-Object { $samAccountName = $_."samAccountName" # Reset user password. Set-ADAccountPassword -Identity $samAccountName -NewPassword $newPassword -Reset # Force user to reset password at next logon. # Remove this line if not needed for you Set-AdUser -Identity $samAccountName -ChangePasswordAtLogon $true Write-Host " AD Password has been reset for: "$samAccountName }
5. Now run the file Reset-Bulk-AD-Users-Pwd-FromCSV.ps1 from Powershell command to reset bulk AD user’s password from CSV file.
PS C:Scripts> .Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Thanks,
Morgan
Hi When I am trying to execute the below code, I am receiving the error message as shown below, please help me.
————————————–
Import-Module ActiveDirectory
# Set the new password
$newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force
Set-ADAccountPassword -Identity 44227 -NewPassword $newPassword -Reset
————————————————————————
Error Message :
Set-ADAccountPassword : A referral was returned from the server
At G:testpasswordreset.ps1:3 char:1
+ Set-ADAccountPassword -Identity 44227 -NewPassword $newPassword -Rese …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (44227:ADAccount) [Set-ADAccountPassword], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8235,Microsoft.ActiveDirectory.Management.Commands.SetADAccountP
assword