PowerShell: Force password change of users in an OU

The following script allows you to force the password change at the next logon.

 

# Removing the password not expiring
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -PasswordNeverExpires $False
# Removed the impossibility to change the password
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -CannotChangePassword $False
# We force the change
Get-ADUser -Filter * -SearchBase "OU=USERS_TEST,DC=lab,DC=intra" | Set-ADUser -ChangePasswordAtLogon $True

Tip: Run the script at night, if the password date has expired, users will have to make the change as soon as the script runs.

 



Related Posts


Active Directory : increase the functional level of the domain and the forest
Presentation The functional level of the domain and forest corresponds to the "version" of your Active Directory environment and allows access to more or fewer features depending on the level of each. Mainly this level change occurs when upgrading to

Active Directory: Joining a Computer to a Domain at the Command Line
Introduction The Active Directory domain join of a computer can be done using either the GUI or using command line and PowerShell. In this tutorial, I will explain how to join a computer to a domain using the various command lines that are: NETDOM DJ

GPO: Make users administrator of their post
Presentation In this tutorial, we are going to have how to set up a GPO to make the admin domain users of their post. The goal is to add the Domain Users group in the Administrators 1 group of the user station. The Domain Admins group is already a me