$theTitle=wp_title(" - ", false); if($theTitle != "") { ?>
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
24 Nov // php the_time('Y') ?>
I needed to do a mass password change on imported accounts and decided to do this with Powershell. For some reason (maybe because I am using PowerShell 2.0) I got an unexpected error when using the Password property or the SetPassword method (RandomPassword is a function I wrote that generates Random passwords the meet the Complexity Requirements):
1 2 | $user.Password = RandomPassword $user.CommitChanges() |
The following exception occurred while retrieving member “CommitChanges”: “Logon failure: unknown user name or bad password.
I first thought that my Password Generator function created a password that didn’t meet the Complexity Requirements but settings the same password through Active Directory Users & Computers was no problem.
I also tried the SetPassword method but it has the same result. The only working way was to use the Invoke method of PSBase:
1 2 | $user.PSBase.Invoke("SetPassword", "SecretDifficultPassword2009") $user.CommitChanges() |
I also verified if using a simple password gave another error:
Exception calling “Invoke” with “2” argument(s): “The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements. (Exception from HRESULT: 0x800708C5)”
I don’t know why the Password Property and SetPassword Method do not work but I guess it’s a problem in PowerShell’s implementation of the ADSI provider. If someone has the answer please leave a comment!
2 Responses for "PowerShell 2.0: Changing password through ADSI problem"
to use with setpassword you may have to use
$secure_string_pwd = convertto-securestring “Password2007” -asplaintext -force
Your Problem is the following (came across with it too)
Your Function generates Passwords. In these Passwords my be Symbols for example like “$”.
But If you save the string with $ in a variable it will replace it due to assuming there is a variable used in the string!
So dont use “Password” use ‘Password’ !!!!
It wont replace then.
have a try with :
([adsi](“WinNT://”computername/user)).SetPassword(“Pa$$w0rd”)
([adsi](“WinNT://”computername/user)).SetPassword(‘Pa$$w0rd’)
[Replace computername/user with your Credentials or via variable e.g Workstation/Thomas
Leave a reply