How to bulk change AD passwords?

N

Nikolay Ivanchenko2017-07-11 13:05:56

PowerShell

Nikolay Ivanchenko, 2017-07-11 13:05:56

Good afternoon dear experts! Need help in solving such a trivial task:
Given:
1) 110 user accounts in AD (on the win2008R2 server)
2) There is a text file in which all 110 users are written line by line in the form:
"CN=Petrova,OU=Users,OU=ORG .LOC,DC=org,DC=loc"
"CN=Sidorov,OU=Users,OU=ORG.LOC,DC=org,DC=loc"
"CN=Ivanov,OU=Users,OU=ORG.LOC,DC =org,DC=loc"
"CN=Kozlov,OU=Users,OU=ORG.LOC,DC=org,DC=loc"
etc. exactly 110 pcs.
3) A text file containing a 9-character password line by line:
gfhys32jf7
ahjds6382
dfk83j333
, etc. exactly 110 pcs.
Required:
Write a script in powershell or just a batch file so that it changes user passwords (takes them from a file with passwords) and outputs the result to a third file in the form of two columns (1 column - accounting; 2 column - passwords)
How to change passwords using powershell (or cmd) I understand. It is not possible to read data from a file and use it in a script using a loop.
Set-ADAccountPassword -Identity NameUser -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "password" -Force)
NameUser - username from file #1
"password" -user password from file #2

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

N

Nikolay Ivanchenko, 2017-07-12
@Krokozyabla

Here's the script I ended up with:

cls
Import-Module ActiveDirectory
$file1 = Get-Content C:\Script\ch_pwd\users_in_ou.txt #файл с логинами пользователе
$file2 = Get-Content C:\Script\ch_pwd\password_for_users.txt #файл с паролями пользователе  
$count = $file1.Length

write-host 'Всего прочитано и обработано записей',$count,':' # выводим на экран увидомление о количестве записей

for ($i = 0; $i -lt $count; $i++)
{ 
#$file1[$i] 
Set-ADAccountPassword -Identity $file1[$i] -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $file2[$i] -Force)
$result = $file1[$i] +'  |   '+ $file2[$i]
Out-File -filepath C:\Script\ch_pwd\passwords_users.txt  -inputobject $result ASCII -width 250 -force -NoClobber -Append
}
Read-Host

B

Boris Korobkov, 2017-07-11
@BorisKorobkov

On bash:

#!/bin/bash
file2="./source2.txt"
readarray file2_lines < $file2

file1="./source1.txt"
index=0
while read file1_line
do
  echo "$file1_line ${file2_lines[$index]}"
  index=$(($index+1))
done < $file1

S

Serg New, 2017-07-11
@drsmoll

Through FOR you can:
FOR /F "delims=; " %%i in (file.txt) do (
@echo %%i %%j
)
to simplify, create a file with the following content:
CN=Petrova,OU=Users,OU =ORG.LOC,DC=org,DC=loc;gfhys32jf7
CN=Kozlova,OU=Users,OU=ORG.LOC,DC=org,DC=loc;dfk83j333

C

CityCat4, 2017-07-11
@CityCat4

I don’t know how it will be on powershell, but in VBS it can be solved like this: (strNoDeployFilename - string, file name). The file was considered with one call, parsed with the second - there are not a million lines in the same place - and we work with an array

' Create filesystem object
Set objFSO = CreateObject("Scripting.FileSystemObject")

' Open nodepolyed boxes list file
If objFSO.FileExists(strNoDeployFilename) Then
  Set objTextFile = objFSO.OpenTextFile(strNoDeployFilename, ForReading)
 Else
   WScript.Echo("Nodeployed boxes list file " & strNoDeployFilename & " does not exist")
   WScript.Quit
End If

strNoDeployLine = objTextFile.ReadAll 
objTextFile.Close

arrayNodeploy = Split(strNoDeployLine, vbNewLine, vbSplitAll, vbTextCompare)