hey guys ,
im trying to reset ad users from a csv file and i found numerous powershell scripts about it and it works great
but the problem is the generated password are too heave for example
"6{_@?79v" and " ug+[HiT; " ...
[CmdletBinding(SupportsShouldProcess=$true,
ConfirmImpact="High",
DefaultParameterSetName="OU")]
param
(
[Parameter(Mandatory=$true,Position=0,ParameterSetName="Path")]
[String]$Path,
[Parameter(Mandatory=$True,Position=0,ParameterSetName="OU")]
[String[]]$OrganizationalUnit,
[Parameter(Mandatory=$false,Position=1,ParameterSetName="OU")]
[String]$Password,
[Parameter(Mandatory=$false,Position=2,ParameterSetName="OU")]
[switch]$Recurse,
[Parameter(Mandatory=$false,Position=3)]
[String]$CSVPath="C:\Result$(Get-Date -Format "MMddyyyy").csv"
)
process
{
Add-Type -Assembly System.Web
$result=@()
$OUList=@()
$UserList=@()
if ($Pscmdlet.ParameterSetName -eq "Path")
{
if (Test-Path $Path)
{
$UserList=Import-Csv $path
$ProgressTitle="Reset password for users specified in $path"
}
else
{
$errorMsg="Could not find '$path'. Please make sure the path is correct."
Write-Error -Message $errorMsg
return
}
}
else
{
foreach ($OU in $OrganizationalUnit)
{
$OUList+=Get-ADOrganizationalUnit -Filter 'name -like $OU'
}
$OUList|select Name,DistinguishedName
if ($Recurse)
{
$SearchScope="Subtree"
Write-Host "Users' passwords, in these OUs and their sub-ous, will be reset."
$DNList+=$OUList|ForEach-Object {$_.distinguishedname}
#Remove duplicate child OU , if exists.
foreach ($TempOU in $OUList)
{
foreach ($DN in $DNList)
{
if ($TempOU.DistinguishedName -like "*?$DN")
{
$OUList= $OUList -notmatch $TempOU
#write-verbose
$verboseMsg = "Duplicate OU:$TempOU is a child OU of $DN."
Write-Verbose -Message $verboseMsg
break
}
}
}
}
else
{
$SearchScope="Onelevel"
Write-Host "Users' passwords, in these OUs above, will be reset."
}
foreach ($TempOU in $OUList)
{
$UserList+=Get-Aduser -Filter 'enabled -eq $true' -ResultSetSize $null -SearchBase $TempOU -SearchScope $SearchScope -Properties samaccountname
}
$ProgressTitle="Reset password for users in given OUs"
}
if($PSCmdlet.ShouldProcess("these users"))
{
foreach ($user in $UserList)
{
$Identity=$user.SamAccountName
if ([System.String]::IsNullOrEmpty($Password))
{
if ([System.String]::IsNullOrEmpty($user.Password))
{
#generate a password with 10 character
$NewPassword=[Web.Security.Membership]::GeneratePassword(10,3)
}
else
{
$NewPassword=$user.Password
}
}
else
{
$NewPassword=$Password
}
#write progress
$Counter++
Write-Progress -Activity $ProgressTitle -Status "Processing" -CurrentOperation $Identity -PercentComplete ($counter / ($Userlist.Count) * 100)
#reset password
Set-AdaccountPassword -Identity $Identity -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $NewPassword -Force)
#export a csv file
$Account = New-Object PSObject
$Account | Add-Member -MemberType NoteProperty -Name "Identity" -Value $Identity
$Account | Add-Member -MemberType NoteProperty -Name "NewPassword" -Value $NewPassword
$result+=$Account
}
$result|Export-Csv -Path $CSVPath -NoTypeInformation -Force
}
}
}i got this one from technet ... how can i make it generate just normal passwords alphanumeric just lowercase letters and numbers ?
RM
