Add-Type -AssemblyName Microsoft.VisualBasic# Make buttons\icons variables for

1. Add-Type -AssemblyName Microsoft.VisualBasic
2.  
3. # Make buttons\icons variables for easier reading.
4. $okButton = [System.Windows.Forms.MessageBoxButtons]::OK
5. $errorIcon = [System.Windows.Forms.MessageBoxIcon]::Error
6. $infoIcon = [System.Windows.Forms.MessageBoxIcon]::Information
7.  
8. # Ask for a user name
9. $username = [Microsoft.VisualBasic.Interaction]::InputBox("Enter a username", "Username")
10.  
11. # I like to use the PDC for this stuff, plus it always helps to make sure you're talking to the same
12. # dc through each command against AD.
13. try {
14. $pdc = Get-ADDomainController -Discover -Service PrimaryDC -ErroAction STOP | Select-Object -ExpandProperty hostname
15. Write-Verbose -Message ('Using PDC: {0}' -f $pdc)
16. }
17. catch {
18. $errorMessage = 'Unable to find PDC: {0}' -f $_.exception.message
19. [System.Windows.Forms.MessageBox]::Show($errorMessage,"$username Unlock Error",$okButton,$errorIcon)
20. }
21.  
22. # word dictionary (ideally you might store this in a file somewhere instead of hard coding)
23. $words = @('cat','dog','fish','flower','rabbit','horse')
24.  
25. # pick a random word
26. $word = $words | Get-Random
27.  
28. # Get a random number with 4 digits
29. $number = '{0:D4}' -f (Get-Random -Maximum 9999)
30.  
31. # Build your password string
32. $password = "$word$number"
33. Write-Verbose -Message ('Picked password: {0}' -f $password)
34.  
35. # Create a basic splat to pass in some standard parameters...again easier reading
36. $cmdSplat = @{
37. Identity = $username
38. Server = $pdc
39. ErrorAction = 'STOP'
40. }
41.  
42. # Try to unlock the account, and then set the password and for to change at next logon. If the all of the AD cmdlets work
43. # then return the confirmation success, otherwise fail. With the try-catch...it will only move on to the next command if
44. # the preceding one was a success. If one fails then it immediately goes to the catch block.
45. try {
46. Unlock-ADAccount @cmdSplat
47. Set-ADAccountPassword @cmdSplat -NewPassword (ConvertTo-SecureString -AsPlainText "$password" -Force)
48. Set-ADUser @cmdSplat -ChangePasswordAtLogon $true -PasswordNeverExpires $false
49. $confirmation = "User account $username has been unlocked, and password has been set to $password"
50. [System.Windows.Forms.MessageBox]::Show($confirmation,"$username Unlock Success",$okButton,$infoIcon)
51. }
52. catch {
53. $errorMessage = 'Failed to set password for {0} on {1}: {2}' -f $username,$dc,$_.exception.message
54. [System.Windows.Forms.MessageBox]::Show($errorMessage,"$username Unlock Error",$okButton,$errorIcon)
55. }