I needed to do a mass password change on imported accounts and decided to do this with Powershell. For some reason (maybe because I am using PowerShell 2.0) I got an unexpected error when using the Password property or the SetPassword method (RandomPassword is a function I wrote that generates Random passwords the meet the Complexity Requirements):

$user.Password = RandomPassword
$user.CommitChanges()

The following exception occurred while retrieving member “CommitChanges”: “Logon failure: unknown user name or bad password.

I first thought that my Password Generator function created a password that didn’t meet the Complexity Requirements but settings the same password through Active Directory Users & Computers was no problem.

I also tried the SetPassword method but it has the same result. The only working way was to use the Invoke method of PSBase:

$user.PSBase.Invoke("SetPassword", "SecretDifficultPassword2009")
$user.CommitChanges()

I also verified if using a simple password gave another error:

Exception calling “Invoke” with “2″ argument(s): “The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements. (Exception from HRESULT: 0x800708C5)”

I don’t know why the Password Property and SetPassword Method do not work but I guess it’s a problem in PowerShell’s implementation of the ADSI provider. If someone has the answer please leave a comment!

VN:F [1.9.3_1094]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)
convert this post to pdf.