by Neph09 at 2012-12-07 08:24:37
Hi,by Neph09 at 2012-12-07 08:53:54
I have just started using power shell and exchange powershell and journeying through the process of creating my own scripts with the help of the web.
After abit of work i managed to create:
Get-Content C:\Scripts\Users.txt | Set-QADUser -Identity {$} -PasswordNeverExpires $false
However what i also want to do within the same script to all users part of the Users.txt file is change the "pwdLastSet" attribute to 0 and confirm and then set it to -1 and confirm,
Having tested manually this does exactly what i want it to but i am unsure how to make it do that after my original part of the script:
Get-Content C:\Scripts\Users.txt | Set-QADUser -Identity {$} -PasswordNeverExpires $false
Just wondered if anyone could advise, and also point me in the direction of good learning material.
I think i may have just solved this myself but for any Pro’s out there is this correct as it appears to be working:by Neph09 at 2012-12-10 06:34:43
Get-Content C:\Scripts\Users.txt | Set-QADUser -Identity {$} -PasswordNeverExpires $false
Get-Content C:\Scripts\Users.txt | Set-QADUser -ObjectAttributes @{pwdLastSet=‘0’}
Get-Content C:\Scripts\Users.txt | Set-QADUser -ObjectAttributes @{pwdLastSet=‘-1’}
Essentially it removes the Password Expire value.
Sets The system to think the password has never expired
Sets the system to know the password has been changed today without the password changing
[quote="Neph09"]I think i may have just solved this myself but for any Pro’s out there is this correct as it appears to be working:by ArtB0514 at 2012-12-10 10:42:48Get-Content C:\Scripts\Users.txt | Set-QADUser -Identity {$} -PasswordNeverExpires $false
Get-Content C:\Scripts\Users.txt | Set-QADUser -ObjectAttributes @{pwdLastSet='0'}
Get-Content C:\Scripts\Users.txt | Set-QADUser -ObjectAttributes @{pwdLastSet='-1'}
Essentially it removes the Password Expire value.
Sets The system to think the password has never expired
Sets the system to know the password has been changed today without the password changing[/quote]
Can anyone advise how i get it to continue even if it hits an error.
So i am running this against 200 users but it threw an error:
Set-QADUser : Ambiguous identity: XXXXXXX.
At C:\Scripts\Remove Password Expires.ps1:3 char:47
+ Get-Content C:\Scripts\Users.txt | Set-QADUser <<<< -ObjectAttributes @{pwdLastSet=‘-1’}
+ CategoryInfo : NotSpecified: ([Set-QADUser], IdentityException
+ FullyQualifiedErrorId : Quest.ActiveRoles.ArsPowerShellSnapIn.BusinessLogic.IdentityException,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.SetUserCmdlet
I want it to carry on processing however it doesn’t and just stops.
Why not just look up the user once and use a Try-Catch block to handle the errors? Note that I didn’t check your logic to see if it was correct or not, so there may be other errors.Get-Content C:\Scripts\Users.Txt | foreach {
Try {
$User = Get-QADUser $_ -ErrorAction Stop
$User | Set-QADUser -PasswordNeverExpires $false -ObjectAttributes @{pwdLastSet='0'}
$User | Set-QADUser -ObjectAttributes @{pwdLastSet='-1'}
}
Catch {}
}