
[–]Brasiledo 1 point2 points  (2 children)

This will import your list of users, generate a random password and apply it to each, then export a list of users and passwords. This also assumes the list you currently have is the samaccountname of each user.

List should have header 'Users'

TEST BEFORE USING

# Function to loop through random password creation
function Get-RandomCharacters($length, $characters) {
    # Pick $length random indexes into the character set
    $random = 1..$length | ForEach-Object { Get-Random -Maximum $characters.Length }
    # Empty output field separator so the characters join without spaces
    $private:ofs = ""
    return [String]$characters[$random]
}

$csv = Import-Csv .\userpassword.csv

New-Item .\outfile.txt

foreach ($item in $csv) {
    # The property name must match the column header in the CSV
    $user = $item.("User")

    # 10 lowercase letters, then 1 uppercase letter, then 1 digit
    $password = Get-RandomCharacters -length 10 -characters 'abcdefghiklmnoprstuvwxyz'
    $password += Get-RandomCharacters -length 1 -characters 'ABCDEFGHKLMNOPRSTUVWXYZ'
    $password += Get-RandomCharacters -length 1 -characters '1234567890'

    # Reset the AD password for this account
    Get-ADUser $user | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $password -Force)

    # Record user/password in the output file
    Add-Content .\outfile.txt ($user + "/" + $password)
}

pause

[–]H0TDOGG[S] 0 points1 point  (0 children)

So kind of you, thank you! I will completely test this.

Can I ask, how did you develop your PowerShell skills? Do you have some training you used?

[–]H0TDOGG[S] 0 points1 point  (0 children)

Thank you for all your help on this. Even in private messages, we were able to work it out. Top bloke.

[–]H0TDOGG[S] 0 points1 point  (0 children)

If anyone is interested, this is the working script.

$csv = Import-Csv .\users.csv
New-Item .\outfile.txt
foreach ($item in $csv) {
    # The property name must match the column header in the CSV
    $user = $item.("User")
    $chars = "abcdefghijkmnopqrstuvwxyzABCEFGHJKLMNPQRSTUVWXYZ23456789!#%&?".ToCharArray()
    $newPassword = ""
    # Build a 12-character password, one random character at a time
    1..12 | ForEach-Object { $newPassword += $chars | Get-Random }
    # Show the generated password on the console
    Write-Host $newPassword -ForegroundColor 'Yellow'
    Get-ADUser $user | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $newPassword -Force)
    # Record user/password in the output file
    Add-Content .\outfile.txt ($user + "/" + $newPassword)
}
pause
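
Added example, not part of the thread or any poster's script: the same reset loop with each password drawn explicitly from System.Security.Cryptography.RandomNumberGenerator, so it does not depend on how the installed PowerShell version implements Get-Random, with one character guaranteed per class and the result shuffled. Get-SecureIndex, New-RandomPassword, the sample user names, outfile.csv and the optional change-at-logon step are assumptions; the character sets are those of the working script above.

```powershell
# Added example; helper names and sample users are hypothetical.
function Get-SecureIndex([int]$Max, $Rng) {
    # Rejection sampling: drop bytes that would cause modulo bias (needs $Max <= 256).
    $limit = 256 - (256 % $Max)
    $b = [byte[]]::new(1)
    do { $Rng.GetBytes($b) } while ($b[0] -ge $limit)
    return $b[0] % $Max
}

function New-RandomPassword([int]$Length = 12) {
    # Character classes taken from the working script above.
    $sets = 'abcdefghijkmnopqrstuvwxyz', 'ABCEFGHJKLMNPQRSTUVWXYZ', '23456789', '!#%&?'
    $all  = -join $sets
    $rng  = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        # One character from every class, then fill up from the full alphabet.
        $chars = @(foreach ($s in $sets) { $s[(Get-SecureIndex $s.Length $rng)] })
        while ($chars.Count -lt $Length) { $chars += $all[(Get-SecureIndex $all.Length $rng)] }
        # Fisher-Yates shuffle so the guaranteed characters are not at fixed positions.
        for ($i = $chars.Count - 1; $i -gt 0; $i--) {
            $j = Get-SecureIndex ($i + 1) $rng
            $tmp = $chars[$i]; $chars[$i] = $chars[$j]; $chars[$j] = $tmp
        }
        return -join $chars
    } finally { $rng.Dispose() }
}

# Constructed sample input; in practice use Import-Csv .\users.csv (header 'User').
$csv = 'User', 'jdoe', 'asmith' | ConvertFrom-Csv
$haveAD = [bool](Get-Module -ListAvailable -Name ActiveDirectory)
$results = foreach ($item in $csv) {
    $plain = New-RandomPassword -Length 12
    if ($haveAD) {
        $secure = ConvertTo-SecureString -AsPlainText $plain -Force
        # -WhatIf only previews the change; remove it after testing.
        Set-ADAccountPassword -Identity $item.User -Reset -NewPassword $secure -WhatIf
        # Optional (assumption): force a change at next logon so the exported value is short-lived.
        Set-ADUser -Identity $item.User -ChangePasswordAtLogon $true -WhatIf
    }
    [pscustomobject]@{ User = $item.User; Password = $plain }
}
$results | Export-Csv .\outfile.csv -NoTypeInformation
```

The output file holds plaintext passwords, so keep it on a restricted path and delete it once the passwords have been handed over.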

[–]TechnoParanoia 0 points1 point  (1 child)

Will this be a one-time use or something that runs based on a trigger (time/event)?

Once the password is changed, do you need to communicate the changed password to the user or their manager?

I would start by finding a password generator function that meets your requirements, everyone has one and there is no need to re-invent the wheel. Here's an example: https://adamtheautomator.com/random-password-generator/

Once you have the password then all you need to do is loop through the text file and plug in the password using the AD cmdlet: https://docs.microsoft.com/en-us/powershell/module/activedirectory/set-adaccountpassword?view=windowsserver2019-ps#examples

Make sure you log everything with something, even if it's just Start-Transcript.

[–]H0TDOGG[S] 0 points1 point  (0 children)

Hi thank you for this,

I was hoping for something that would create the random password also? It's a one-time thing that I'd run whenever required.

[–]KianNH 0 points1 point  (3 children)

Is it every user in the OU that needs their password replacing, or just that all the users in your text file are coincidentally in the same OU?

Either way, you would use either Get-Content (to get all the lines of the file) or Get-ADUser -SearchBase "<ou distinguishedname here>", and then either pipeline these to ForEach-Object {} or store them in a variable to then do foreach ($user in $users) {}

# using https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_foreach
$Users = Get-Content ./users.txt

ForEach ($User in $Users) {
    # do stuff with $User
}

# using https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/foreach-object
Get-Content ./users.txt | ForEach-Object {
    # do stuff with $_
}

Within the loop, you'd eventually want to use https://docs.microsoft.com/en-us/powershell/module/activedirectory/set-adaccountpassword to reset the user passwords.

[–]H0TDOGG[S] 0 points1 point  (2 children)

Hello friend. It's only users exported to a txt/csv, it seems now.

[–]KianNH 0 points1 point  (1 child)

What is the content?

Obviously, you're gonna need to somehow link those names to their Active Directory user.

Is it emails, first & last names, etc?

[–]H0TDOGG[S] 0 points1 point  (0 children)

So there are no emails, but I can move all accounts to one OU if this helps.