PowerShell - User Must Change Password at Next Logon

powershell active-directory change-password
PermanentBeginner picture PermanentBeginner · Sep 29, 2017 · Viewed 20.6k times · Source

Here is what I have, everything works great thus far except the part where I need the user to change their password on sign in

Import-Csv C:\Users\user\Desktop\newuser.csv | New-ADUser -PassThru | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText '@To03PXaz4' -Force) -PassThru | Enable-ADAccount -PassThru | Set-Aduser -ChangePasswordAtNextLogon $true

any guidance would be greatly appreciated

Answer

Jacob Colvin picture Jacob Colvin · Sep 29, 2017

The syntax is -ChangePasswordAtLogon, not -ChangePasswordAtNEXTLogon. See https://technet.microsoft.com/en-us/library/hh852287(v=wps.630).aspx

Using Set-Aduser -ChangePasswordAtLogon $true should fix your problem.

Related questions

Can I change my own password in Active Directory using Powershell

I am trying to change password for my own account in AD using powershell. My account is just a regular account (no domain admin rights) I tried net user, dsquery and powershell cmdlets, but all of them errors out "Access …

Read More
How to get all groups that a user is a member of?

PowerShell's Get-ADGroupMember cmdlet returns members of a specific group. Is there a cmdlet or property to get all the groups that a particular user is a member of? I fixed my mistake: Get-Member should be Get-ADGroupMember.

Read More
Powershell script to see currently logged in users (domain and machine) + status (active, idle, away)

I am searching for a simple command to see logged on users on server. I know this one : Get-WmiObject -Class win32_computersystem but this will not provide me the info I need. It returns : domain Manufactureer Model Name (Machine name) …

Read More