PowerShell: Force password change of users in an OU

16 July 2019 - 18 January 2021 - Romain - (2) - 1 minute

The following script allows you to force the password change at the next logon.

# Removing the password not expiring
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -PasswordNeverExpires $False
# Removed the impossibility to change the password
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -CannotChangePassword $False
# We force the change
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -ChangePasswordAtLogon $True

Tip: Run the script at night, if the password date has expired, users will have to make the change as soon as the script runs.

Active Directory

Active Directory , PowerShell , Security , User

2 thoughts on “PowerShell: Force password change of users in an OU”

Stefanos Constantinou
20 February 2024 at 11 11 27 02272
hi,
amazing.
how about adding “-recurse” parameter to get child OUs out of a parent OU?
Stefanos
Reply
- Romain
  21 February 2024 at 15 03 04 02042
  Hi,
  The command is already recursive
  Romain
  Reply

PowerShell: Force password change of users in an OU

Similar articles

2 thoughts on “PowerShell: Force password change of users in an OU”

Leave a Comment Cancel reply