Force all user passwords to be changed

I find this one quite useful when customers experience a security breach, and they request that all users are forced to update their passwords. Other accounts can be added to the filter in the where cause if needed (or of course you’ve renamed your administrator account etc).


import-module activedirectory

get-aduser -filter * |
where {$_.samaccountname -ne "Administrator" } |
set-aduser -passwordneverexpires:$False `
-changepasswordatlogon:$true

Leave a Reply

Your email address will not be published. Required fields are marked *


CAPTCHA Image
Reload Image