Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

change password for many users in AD 1

Status
Not open for further replies.
remcovanuitert

remcovanuitert

Technical User
Apr 3, 2003
28
BE
I work for a school, we have about 700 users in Active Directory (Win2003). I need to reset the passwords for all students and teachers to a random password.

I created the users last year using the script below (which I created by merging some scripts I found on the internet). The script reads the information from an excel sheet and creates the users. The password column contained a random combination of letters and numbers.

It seems I will have to change this line (from the script below):
Set oUser = ou.Create("user","CN=" & login)
to something like:
Set oUser = ou.FindUser("user","CN=" & login) ?
to be able to change the password.

To make a long story short, what method can I use to get a user object in order to modify it?
Thanks in advance,
Remco


**** SCRIPT *****
set x = getobject(,"excel.application")
set ou = GetObject("LDAP://OU=GuestAccounts,DC=DOMAINNAME,DC=NET")
r = 1
Const ou_name = "Users"
do until len(x.cells(r, 1).value) = 0
login = x.cells(r, 1).value
firstname = x.cells(r, 2).value
lastname = x.cells(r, 3).value
password = x.cells(r, 4).value
fullname = firstname & " " & lastname
Set oUser = ou.Create("user","CN=" & login)
oUser.Put "userPrincipalname", fullname & "@esmol.net"
oUser.Put "samAccountName", login
oUser.Put "givenName", firstname
oUser.Put "sn", lastname
oUser.Put "displayName", fullname
oUser.SetInfo
oUser.SetPassword password
oUser.SetInfo
oUser.AccountDisabled = False
oUser.SetInfo
r = r + 1
set objOU = Nothing
set oUser = Nothing
Loop
set x = nothing
set ou = nothing
set r = nothing
 
Sort by date Sort by votes
Since your users already exist, you will just need a list of user names. You will then need to use the GetObject command to bind to the user object.

Code: 
Set objUser = GetObject _
 ("LDAP://cn=" & UserString & ",ou=users,dc=fabrikam,dc=com")
objUser.SetPassword newPass

You will find a handy function to convert your user name to the distinguished name for the bind here: faq329-5688

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
Why not just use the AD command-line tools to achieve this. You can use combinations of dsquery and dsget to enumerate your users in AD and then pipe the putput to dsmod to change the pwd like this:

dsmod user "CN=SmithJo,CN=Users,DC=domain,DC=org" -pwd A1b2C3d4 -mustchpwd yes

Or, easier yet, export the user list from AD, put it in a spreadsheet, create the dsmod command in a suitable column using formulas and then cut and paste into a command line or create a batch file.....voila!

HTH

Marty

Marty
Network Admin
Hilliard Schools
 
Upvote 0 Downvote
thanks for the replies. Both were very useful. I decided to go with the last one, which is a bit quick and dirty, but more transparent (to me).

Thanks again, regards,
Remco
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bdwilcox
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
801
SoftwareRT
SoftwareRT
Z3braa
  • Locked
  • Question
Remove specific computer name in Logon Workstation from from all users in AD, with VBScript
Replies
0
Views
122
Z3braa
Z3braa
lunter
  • Locked
  • Question
How to create vbArray+vbByte (8209) in *.vbs stript
Replies
0
Views
157
lunter
lunter
spamjim
  • Locked
  • Question
Setting height and width for an image in an Outlook email signature
Replies
0
Views
107
spamjim
spamjim
jahelka
  • Locked
  • Question
script editing - base64 for files in folder
Replies
1
Views
122
mikrom
mikrom

Part and Inventory Search

Sponsor

Back
Top