Re: Group password reset
From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 09/30/05
- Previous message: Jon LaBarge: "Re: Group password reset"
- In reply to: Jon LaBarge: "Re: Group password reset"
- Next in thread: Jon LaBarge: "Re: Group password reset"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 29 Sep 2005 17:23:46 -0500
You can use dsquery to pipe the results to dsmod. To make it easy you could
move the user accounts you want to do this into a temporary OU , dsquery for
users in that OU and pipe the results to dsmod to change their account
properties to require change password at next logon. As always it would be
best to try out on a couple test accounts first. --- Steve
"Jon LaBarge" <jonlabarge@comcast.net> wrote in message
news:enK4aLUxFHA.3772@TK2MSFTNGP11.phx.gbl...
> Also, the dsmod is my best bet but I still need the LDAP info for each
> user that I want to change so my command line would be about 500 rows
> long.
>
> I think 1 by 1 is the way it's gonna have to happen. Or, I can just wait
> till their current PW expires and they will have to change it then.
>
>
> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> news:3d6dnUWf9-NcyKHeRVn-uQ@comcast.com...
>> If you have a Window 2003 domain controller you can do that with Active
>> Directory Users and Computers. I believe you highlight all the user
>> accounts, select properties, and then select user must change password at
>> next logon. I am going by memory so it may be a little more complicated
>> [not much] than that but that should get you started in the general
>> direction. You can also use the AD command line tools for dsquery for
>> user and dsmod for users of which you can pipe the results from dsquery
>> to dsmod. Use | between two commands with space before and after to pipe.
>> If you have a Windows 2000 domain you still can use the AD command line
>> tools if you install adminpak for Windows 2003 [free download from MS]
>> onto a Windows XP Pro domain computer and logon as a domain administrator
>> or use runas for those tools.
>>
>> You might want to rethink doing all the accounts in one day. Maybe do a
>> fourth or so the first day to see how it goes so as to not flood support
>> with calls. Be sure users are educated as to what the requirements are
>> for new passwords with specific examples. You might be surprised to find
>> out how hard users find this to be. --- Steve
>>
>> http://www.ss64.com/nt/dsmod.html -- dsmod example.
>>
>> "Jon LaBarge" <jonlabarge@comcast.net> wrote in message
>> news:e%23vqG0SxFHA.612@TK2MSFTNGP10.phx.gbl...
>>> Is there a way to force all users in AD to reset their password at the
>>> next logon without having to do each account 1 by 1? We have implemented
>>> PassFilt Pro SPE and I would like for all user to change their passwords
>>> to meet the new complexity requirements on the go-live day. Any
>>> suggestions?
>>>
>>> Thx,
>>>
>>> Jon
>>>
>>
>>
>
>
- Previous message: Jon LaBarge: "Re: Group password reset"
- In reply to: Jon LaBarge: "Re: Group password reset"
- Next in thread: Jon LaBarge: "Re: Group password reset"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
