PowerShell: Force password change of users in an OU

16 July 2019 - 18 January 2021 - Romain - (2) - 1 minute

The following script allows you to force the password change at the next logon.

# Removing the password not expiring
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -PasswordNeverExpires $False
# Removed the impossibility to change the password
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -CannotChangePassword $False
# We force the change
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -ChangePasswordAtLogon $True

Tip: Run the script at night, if the password date has expired, users will have to make the change as soon as the script runs.

2 thoughts on “PowerShell: Force password change of users in an OU”

hi,

amazing.

how about adding “-recurse” parameter to get child OUs out of a parent OU?

Stefanos

Romain
21 February 2024 at 15 03 04 02042
Hi,
The command is already recursive
Romain
Reply

PowerShell: Force password change of users in an OU

Similar articles

2 thoughts on “PowerShell: Force password change of users in an OU”

Leave a Comment Cancel reply