Trying to reset password for all users in OU

This topic contains 3 replies, has 3 voices, and was last updated by  Michael Arnold 2 years, 5 months ago.

  • Author
    Posts
  • #27616

    Michael Arnold
    Participant

    I am having issues getting this to run correctly. Could anyone point me in the right direction?

    $stu = Get-ADUser -Filter * -SearchBase "ou=elementary,ou=students,dc=test,dc=net"   -Server dc1.test.net
    
    Set-ADAccountPassword -Identity $stu -Server dc1.test.net -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "password" -Force) -WhatIf
    

    When I run this I get an error:


    Set-ADAccountPassword : Cannot convert 'System.Object[]' to the type 'Microsoft.ActiveDirectory.Management.ADAccount'
    required by parameter 'Identity'. Specified method is not supported.

  • #27618

    Don Jones
    Keymaster

    So, as a note, we don't use backticks to denote code. Instructions for code formatting are listed above the posting text box.

    Get-ADUser is returning an array of objects, which is why you're seeing [object[]]. The -Identity parameter of Set-ADAccountPassword accepts only a single value, not an array. You can't, in other words, do what you're trying – bulk-change passwords. You have to do them one at a time, such as using a ForEach-Object command. The idea being:

    Get-ADUser | ForEach-Object { Set-ADAccountPassword -Identity $_ }
    
  • #27619

    Tim Pringle
    Participant

    Hi Michael,

    Have you had a look to see how many objects are being returned by the Get-ADUser? Judging by the reference in the error to an object array, I think it's likely that you've received more than one, at which point $stu will become an array of (AD account) objects.

    If you find thats the case, then you could either try using the pipeline, or a foreach loop to reset the individual account's passwords.

    e.g.

    ForEach ($user in $stu) {
    Set-ADAccountPassword -Identity $user -Server dc1.test.net -Reset `
    -NewPassword (ConvertTo-SecureString -AsPlainText "password" -Force) -WhatIf
    }

  • #27625

    Michael Arnold
    Participant

    Thank you, adding foreach solved the issue.

    *Original Code has been edited, thanks Don.

You must be logged in to reply to this topic.