Bulk Password Reset v2 – Active Directory

Sharing a second version of my Bulk Password Reset Script.

https://techwizard.cloud/2019/11/26/bulk-password-reset-active-directory/

I was contacted again by our Active directory team as they wanted to reset the password of hundreds of users.

They need a powershell spell that can do below:

  • Read userids (samaccountname) and Passwords from CSV.
  • Reset the different password for users.
  • user must change password should be unchecked.

Sharing the script that has been quickly written to perform this magic.

You can download the script from below:

https://github.com/VikasSukhija/Downloads/blob/master/BulkPasswordReset.zip

Now create a csv file as shown in the downloaded sample.csv in the solution.

Now open powershell and change to directory where you have placed the script.

Run the script, it will ask you for the csv file that you want to set and file that contains bulk users along with password

Script will create logs and report folder to place log and csv report of the whole bulk operation.

Sample.csv


Report

<#     
    .NOTES 
    =========================================================================== 
    Created with:     ISE 
    Created on:       1/23/2020 1:46 PM 
    Created by:       Vikas Sukhija 
    Organization:     http://techwizard.cloud 
    Filename:         BulkPasswordResetCSV.ps1 
    =========================================================================== 
    .DESCRIPTION 
    This will reset the password for BUlk from CSV file 
#>param ( 
  [string]$Userlist = $(Read-Host"Enter CSV file with Network accounts - Networkid,Password") 
 
) 
 
function Write-Log 
{ 
  [CmdletBinding()] 
  param 
  ( 
    [Parameter(Mandatory = $true,ParameterSetName = 'Create')] 
    [array]$Name, 
    [Parameter(Mandatory = $true,ParameterSetName = 'Create')] 
    [string]$Ext, 
    [Parameter(Mandatory = $true,ParameterSetName = 'Create')] 
    [string]$folder, 
     
    [Parameter(ParameterSetName = 'Create',Position = 0)][switch]$Create, 
     
    [Parameter(Mandatory = $true,ParameterSetName = 'Message')] 
    [String]$Message, 
    [Parameter(Mandatory = $true,ParameterSetName = 'Message')] 
    [String]$path, 
    [Parameter(Mandatory = $false,ParameterSetName = 'Message')] 
    [ValidateSet('Information','Warning','Error')] 
    [string]$Severity = 'Information', 
     
    [Parameter(ParameterSetName = 'Message',Position = 0)][Switch]$MSG 
  ) 
  switch ($PsCmdlet.ParameterSetName) { 
    "Create" 
    { 
      $log = @() 
      $date1 = Get-Date-Format d 
      $date1 = $date1.ToString().Replace("/""-") 
      $time = Get-Date-Format t 
     
      $time = $time.ToString().Replace(":""-") 
      $time = $time.ToString().Replace(" """) 
     
      foreach ($nin$Name) 
      {$log+= (Get-Location).Path +"\" + $folder + "\" + $n + "_" + $date1 + "_" + $time + "_.$Ext"} 
      return$log 
    } 
    "Message" 
    { 
      $date = Get-Date$concatmessage = "|$date"+"|   |"+$Message+"|  |"+"$Severity|"switch($Severity){ 
        "Information"{Write-Host -Object $concatmessage-ForegroundColor Green} 
        "Warning"{Write-Host -Object $concatmessage-ForegroundColor Yellow} 
        "Error"{Write-Host -Object $concatmessage-ForegroundColor Red} 
      } 
       
      Add-Content-Path $path-Value $concatmessage 
    } 
  } 
} #Function Write-Logfunction ProgressBar 
{ 
  [CmdletBinding()] 
  param 
  ( 
    [Parameter(Mandatory = $true)] 
    $Title, 
    [Parameter(Mandatory = $true)] 
    [int]$Timer 
  ) 
     
  For ($i = 1; $i-le $Timer$i++) 
  { 
    Start-Sleep-Seconds 1; 
    Write-Progress-Activity $Title-Status "$i"-PercentComplete ($i/10 * 100) 
  } 
} 
#################Check if logs folder is created##################$logpath  = (Get-Location).path +"\logs"$testlogpath = Test-Path-Path $logpathif($testlogpath-eq $false) 
{ 
  ProgressBar -Title "Creating logs folder"-Timer 10 
  New-Item-Path (Get-Location).path -Name Logs -Type directory 
} 
 
$Reportpath  = (Get-Location).path +"\Report"$testlogpath = Test-Path-Path $Reportpathif($testlogpath-eq $false) 
{ 
  ProgressBar -Title "Creating Report folder"-Timer 10 
  New-Item-Path (Get-Location).path -Name Report -Type directory 
} 
 
 
####################Load variables and log#######################$log = Write-Log -Name "BulkPasswordReset-Log"-folder "logs"-Ext "log"$Report = Write-Log -Name "BulkPasswordReset-Report"-folder "Report"-Ext "csv"$users = Get-Content$Userlist$collection = @() 
Write-Log -Message "Start Script"-path $log########################Load Modules#############################try{ 
  Import-Module ActiveDirectory 
} 
catch{ 
  $exception = $_.Exception 
  Write-Log -Message "Error loading AD Module Loaded"-path $log-Severity Error 
  Write-Log -Message $exception-path $log-Severity error 
  ProgressBar -Title "Error loading AD Module Loaded - EXIT"-Timer 10 
  Exit 
} 
 
########################Process users#############################$users = import-csv$Userlist| where{$_.networkid -ne $null} 
 
if($users){ 
  $users|ForEach-Object{ 
    $error.clear() 
    $mcoll = ""|Select UserID, PasswordReset 
    $password = $null$user = $null$user = $_.Networkid.trim() 
    $password = $_.password.trim() 
    $SecurePassword=ConvertTo-SecureString$Password-AsPlainText -Force 
    $mcoll.UserID = $user 
    Write-Log -Message "Processing..............$user"-path $log 
    Set-ADAccountPassword -Identity $user-Reset -NewPassword $SecurePassword 
    Set-ADUser -Identity $user-ChangePasswordAtLogon $falseif($error){ 
      Write-Log -Message "Password reset Failure $user "-path $log-Severity Error 
      $mcoll.PasswordReset = "Error"$error.clear() 
    } 
    else{ 
      $mcoll.PasswordReset = "Success" 
      Write-Log -Message "Password reset Success $user "-path $log 
    } 
    $collection+=$mcoll 
  } 
 
} 
$collection|Export-Csv$Report-NoTypeInformation 
Write-Log -Message "Finish Script"-path $log###########################################################################

Tech Wizard

http://techwizard.cloud

PowerShell Cheat Book

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s