Reset Passwords for users in a specific OU

Question

Hi There 
 we have a new HR system that is using Powershell to Create users. Unfortunately, this does not output the passwords so we cannot send them to the managers. 
 
 Is there a way to reset the passwords for any users that get created in this OU using a generic password? 
 I have got a script that generates a password, I cant seem to get it to Reset the users password. 
 
 $Users = get-qaduser -SizeLimit 10000 -SearchRoot 'ou=new users,dc=test,dc=Local' -IncludedProperties DisplayName, SamAccountName 
 function Get-RandomPassword { $length = 10 $characters = 'abcdefghkmnprstuvwxyzABCDEFGHKLMNPRSTUVWXYZ' $nonchar = '123456789!$%&?#' $random = 1..$length | ForEach-Object { Get-Random -Maximum $characters.length } $random2 = 1..2 | ForEach-Object { Get-Random -Maximum $nonchar.length } $private:ofs= "" $ThePassword = [string]$characters[$random] + [string]$nonchar[$random2] return $ThePassword } 
 function Reset-ADPassword { foreach ($User in $Users) { $Username = $User.SamAccountName $DisplayName = $User.DisplayName $Password = Get-RandomPassword 
 Write-Host $DisplayName / $Username / $Password Set-ADAccountPassword -id $username -NewPassword (ConvertTo-SecureString -AsPlainText $Password -Force) }

umang anand · Answer

Ok I think I have managed to sort this out now. Here is what I have managed to do so Far. $Users = get-qaduser -SizeLimit 10000 -SearchRoot 'ou=End Users & Computers,dc=Domain,dc=Local' -Properties DisplayName, SamAccountName, ExtensionAttribute6, manager function Get-RandomPassword { $length = 10 $characters = 'abcdefghkmnprstuvwxyzABCDEFGHKLMNPRSTUVWXYZ' $nonchar = '123456789!$%&?#' $random = 1..$length | ForEach-Object { Get-Random -Maximum $characters.length } $random2 = 1..2 | ForEach-Object { Get-Random -Maximum $nonchar.length } $private:ofs= "" $ThePassword = [string]$characters[$random] + [string]$nonchar[$random2] return $ThePassword } foreach ($User in $Users) { $Username = $User.SamAccountName $DisplayName = $User.DisplayName $Password = Get-RandomPassword $Startdate = $User.ExtensionAttribute6 # This will be the distinguishedName of the manager of the user. $ManagerDN = (Get-ADUser -Identity $User.sAMAccountName -Properties manager).manager # Retrieve the email address of the manager. $MgrEmail = (Get-ADUser -Identity $ManagerDN -Properties EMailAddress).EMailAddress # Write-Host $DisplayName / $Username / $Password / $MgrEmail # $DisplayName, $Password | Out-File c: emp\Password.txt -append Set-ADAccountPassword -Identity $username -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $Password -Force) # Set-ADUser -Identity $username -ChangePasswordAtLogon $true $report = "

To enable your new starter to thrive in their career at Test, we have listed below important details that both of you need to action to support their onboarding. They are as follows:

New Starter Login Details

Login Details

Start Date

$Startdate

User Login

$Username

User Password

$Password

" Send-MailMessage -To $MgrEmail,Users@test.co.uk -From activerolesnp@test.co.uk -Body $report -subject "IMPORTANT: New Employee: $Username Login Details & Regulatory Learning" -SmtpServer smtp -BodyAsHtml } This all works fine when I run it as is. The problem I have when I add this to the script module, I run the work flow I get 2 emails for each user instead of 1 when running it from the powershell. Is there something in the WorkFlow I need to change?

Reset Passwords for users in a specific OU

Top Replies