API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 23rd, 2016
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.18 KB | None | 0 0
raw download clone embed print report
  1. #>
  2.  
  3.  
  4. function Reset-CSPassword
  5. {
  6. [CmdletBinding()]
  7. Param
  8. (
  9.  
  10. [Parameter(Mandatory=$true,
  11. ValueFromPipelineByPropertyName=$true,
  12. Position=0)]
  13. $UserPrincipalName
  14.  
  15. )
  16.  
  17. # This defines the domain based on domain stored in the $UserPrincipalName variable.
  18.  
  19. $Domain = $UserPrincipalName -split '@'
  20.  
  21. <# This uses the domain stored in the first position of the array stored in $Domain to retrieve the default password policy for the domain.
  22. This information is then used to call a .NET class and method which will generate a random password which meets the domain's complexity
  23. requirements.
  24. #>
  25.  
  26. $PasswordPolicy = Get-ADDefaultDomainPasswordPolicy -Identity $Domain[1]
  27.  
  28. # A password which contains at least two alphanumeric characters and exceeds the minimum password length by half is generated.
  29.  
  30. $RandomPassword = [System.Web.Security.Membership]::GeneratePassword($PasswordPolicy.MinPasswordLength*1.5,2)
  31. $NewPassword = ConvertTo-SecureString -String $RandomPassword -AsPlainText -Force
  32.  
  33. # The current forest is found by calling a .NET class and method.
  34.  
  35. $ForestInfo = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
  36.  
  37. # The first Global Catalog found is stored in the 'Name' property of the variable below.
  38.  
  39. $GlobalCatalog = $ForestInfo.FindGlobalCatalog()
  40.  
  41. # This is where the function searches for the user on the nearest GC by using the UPN provided. The GC port is appended in the 'Server' parameter.
  42.  
  43. $User = Get-ADUser -Filter { UserPrincipalName -Like $UserPrincipalName } -Properties UserPrincipalName,Mail -Server $($GlobalCatalog.Name + ":3268")
  44.  
  45. # The password is changed here.
  46.  
  47. Invoke-Command -ScriptBlock { $User | Set-ADAccountPassword -NewPassword $NewPassword }
  48.  
  49. # The e-mail is sent to the user with their username and password.
  50.  
  51. Send-MailMessage -From admin@somedomain.com -To $User.Mail -Subject "Your password has been reset in $($Domain[1])" -Body "
  52. Per your request, your password has been reset. You may use the following credentials to login:
  53.  
  54. Username: $UserPrincipalName
  55. Password: $RandomPassword
  56.  
  57. Please do not reply to this e-mail." -SmtpServer $SmtpServer
  58.  
  59. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!