Reset Password Syntax:
Set-ADAccountPassword [-Identity <adaccount>] [-NewPassword <SecurePwd>] -Reset
– The Identity parameter specifies the Active Directory user account which you want to reset password.
Reset Bulk AD Users Password from CSV
1. Consider the CSV file ADUsers.csv (Ex file: Download ADUsers.csv) which contains set of Active Directory users to reset password with the attribute samAccountName.
2. Copy the below Powershell script and paste in Notepad file.
3. Change the ADUsers.csv file path with your own csv file path.
4. SaveAs the Notepad file with the extension .ps1 like Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Powershell script as file: Download Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Import-Module ActiveDirectory # Set the new password $newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force # Import users from CSV Import-Csv "C:\Scripts\ADUsers.csv" | ForEach-Object { $samAccountName = $_."samAccountName" #Un-comment the below line if your CSV file includes password for all users #$newPassword = ConvertTo-SecureString -AsPlainText $_."Password" -Force # Reset user password. Set-ADAccountPassword -Identity $samAccountName -NewPassword $newPassword -Reset # Force user to reset password at next logon. # Remove this line if not needed for you Set-AdUser -Identity $samAccountName -ChangePasswordAtLogon $true Write-Host " AD Password has been reset for: "$samAccountName }
5. Now run the file Reset-Bulk-AD-Users-Pwd-FromCSV.ps1 from Powershell command to reset bulk AD user’s password from CSV file.
PS C:\Scripts> .\Reset-Bulk-AD-Users-Pwd-FromCSV.ps1
Reset set of Active Directory User’s Password
The below powershell command reset all the user’s password from TestOU because I have used this LDAP filter ‘(name=*)‘. You can use your own LDAPfilter and SearchBase to select set of users to reset password.
Import-Module ActiveDirectory $newPassword = ConvertTo-SecureString -AsPlainText "MyP@ssw0rd" -Force Get-ADUser -LDAPfilter '(name=*)'` -SearchBase "OU=TestOU,DC=TestDomain,DC=local" | Set-ADAccountPassword -NewPassword $newPassword -Reset
need more detail
Hi Mark, can u explain what kind of details u want?
Thanks a lot for posting.
You made it quite simple to understand.
Well done 😉
Thank you, I was able to modify this a bit to set the passwords also from the CSV which has saved me a few hours of manual resetting time 🙂
CountParadox, can you please let us know the command you used for the password CSV?
how do you have it create a random password for an account you want to reset the password on an account
I have tried this but doesn’t seem to work:
#$newPassword = ConvertTo-SecureString -AsPlainText $_.”Password” -Force
#$newpwd = -join (33..126|%{[char]$_}|Get-Random -Count 20)
Can you try the below method?.
$chars = "abcdefghijkmnopqrstuvwxyzABCEFGHJKLMNPQRSTUVWXYZ23456789!#%&?".ToCharArray()
$newPassword=""
1..12 | ForEach { $newPassword += $chars | Get-Random }
Write-Host $newPassword -ForegroundColor 'Yellow'
You can refer to this post: https://morgantechspace.com/2016/03/generate-random-password-for-ad-using-powershell.html
Could you use email address as the attribute instead?
No, but you can use the UPN (UserPrincipalName) attribute. In most cases, both UPN and email address have the same value.
In this case, you need to add the required users’ UPN in the CSV file under the header UserPrincipalName and replace the below lines.
#$samAccountName = $_."samAccountName" Replace this line with the below line.
$UserPrincipalName = $_."UserPrincipalName"
# Reset user password.
Set-ADAccountPassword -Identity $UserPrincipalName -NewPassword $newPassword -Reset
# Force user to reset password at next logon.
# Remove this line if not needed for you
Set-AdUser -Identity $UserPrincipalName -ChangePasswordAtLogon $true
Do you get any confirmation on reset success?
No, we do not get any response. If no error message is thrown, then you can simply assume the command was successful, otherwise, the error message provides the reason for the failure.