excuse me for my rusty understanding of programming, hoping someone could take a glance at this and see where my mistake is. I'm having issues trying to mass reset passwords within a test 2008 R2 domain using Powershell. I imported the AD module into Powershell. I have a .csv file containing the sAMAccountName (ADUC usernames) and I import that into powershell by assigning object $UserFile = "c:\2019StudentsB115.csv". Then I am using a foreach loop to go through and reset the passwords on each account but this is where it always seems to fail.
I tried adding the password to the .csv file as a 2nd column and that didn't work. Then I removed the 2nd column and removed the corresponding code for the passwords. I tried using ConvertTo-SecureString to give the generic password "Qwerty10" to all of these accounts. These accounts are all getting 1 generic password and I do not want the user to have to reset it upon first login. I thought I could use a foreach loop to easily do this but I get errors no matter what I do.
The code I've tried is as follows:
Attempt 1: Endless loop of error "Cannot bind argument to String because it is null"
foreach ($Account in $Resetpassword) {
$Account.sAMAccountName
$Account.Password
Set-ADAccountPassword -Identity $Account.sAMAccountName -NewPassword (ConvertTo-SecureString $Account.Password -AsPlainText "Qwerty10" -force) -Reset
}
Attempt 2: Error "Cannot validate argument on parameter 'Identity'. The argument is null." lime:3 char:40
$UserFile = "c:\2019StudentsB115.csv"
foreach ($Account in $Resetpassword) {
$Account.sAMAccountName
Set-ADAccountPassword -Identity $Account.sAMAccountName -NewPassword (ConvertTo-SecureString "Qwerty19" -AsPlainText -force) -Reset
}
I thought maybe it was my syntax using Set-AdAccountPassword
but then I tried this and it worked fine: Set-AdAccountPassword -Identity "math1-1" -NewPassword (ConvertTo-SecureString -AsPlainText "Qwerty10" -force)
I'm passing the identity Math1-1 and the password Qwerty10 as a new password to this cmdlet and it works, so why can't I pass this using the .csv file? Any tips or pointers would be appreciated. I have about 20 tabs open from Googling this and nothing is really helping. I reviewed the syntax for Get/set ADAddcount and ConvertTo-SecureString but that isn't really helping me figure out how to assign objects from this .csv file.
Alex
I tried running:
foreach ($Account in $Resetpassword) {
Set-ADAccountPassword $Account -NewPassword (ConvertTo-SecureString -AsPlainText "Qwerty19" -force) -Reset
}
Results of 1 of the accounts:
Set-ADAccountPassword : Cannot bind parameter 'Identity'. Cannot convert the "@{sAMAccountName=math5-3}" value of type "System.Management.Automation.PSCustomObject" to type "Microsoft.ActiveDirectory.Management.ADAccount". At line:2 char:30 + Set-ADAccountPassword <<<< $Account -NewPassword (ConvertTo-SecureString -AsPlainText "Qwerty19" -force) -Re set + CategoryInfo : InvalidArgument: (:) [Set-ADAccountPassword], ParameterBindingException + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.ActiveDirectory.Management.Commands.SetADAccoun tPassword
foreach
loop contains$account.SamAccountName
. Does this bring back the username you're expecting to see? Identity eq $null means that's the missing bit – Graham Jordan$account
. likeforeach ( $account in $resetpasswords ) { Set-adAccountPassword $account -NewPassword (ConvertTo-SecureString -AsPlainText "Qwerty10" -force) -Reset }
– Graham Jordan$resetpassword[1]
. Feel free to change anything identifiable, it's the variable names I'm looking for. – Graham Jordan