Benutzer-Werkzeuge

Webseiten-Werkzeuge


Seitenleiste

activedirectory:resetpassword

Passwort zurücksetzen

param
(
	[string]$Server,
	[string]$Username
)
 
function GeneratePassword
{
	param
	(
		[int]$Length,
		[int]$CountSmallLetter,
		[int]$CountCapitalLetter,
		[int]$CountNumber,
		[int]$CountSpecial
	)
 
	$listLetterSmall=@("a","b","c","d","e","f","g","h","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z")
	$listLetterCap=@("A","B","C","D","E","F","G","H","J","K","L","M","N","P","Q","R","S","T","U","V","W","X","Y","Z")
	$listNumber = @("2","3","4","5","6","7","8","9")
	$listS = @("#", "+", "?", "!", ".")
	$Type = @("smallletter", "bigletter", "number", "special")
 
	$pw = ""
 
	$estLength = $CountSmallLetter + $CountCapitalLetter + $CountNumber + $CountSpecial
 
	if ($Length -ne $estLength) {throw "Länge passt nicht mit den angeforderten Symbolmengen überein!"}
 
	$cSLetter = 0;
	$cBLetter = 0;
	$cNumber = 0;
	$cSpecial = 0;
 
	for ($i=0; $i -lt $Length; $i++)
	{
		$accept = $false
		do 
		{
			$tmp = $Type | Get-Random
			if ($tmp -eq "smallletter" -and $cSLetter -lt $CountSmallLetter) {$accept = $true}
			if ($tmp -eq "bigletter" -and $cBLetter -lt $CountCapitalLetter) {$accept = $true}
			if ($tmp -eq "number" -and $cNumber -lt $CountNumber) {$accept = $true}
			if ($tmp -eq "special" -and $cSpecial -lt $CountSpecial) {$accept = $true}
		} while ($accept -eq $false)
		switch ($tmp)
		{
			"smallletter"
			{
				$pw += $listLetterSmall | Get-Random
				$cSLetter += 1
			}
			"bigletter"
			{
				$pw += $listLetterCap | Get-Random
				$cBLetter += 1
			}
			"number"
			{
				$pw += $listNumber | Get-Random
				$cNumber += 1
			}
			"special"
			{
				$pw += $listS | Get-Random
				$cSpecial += 1
			}
		}
	}
	$pw
}
 
$NewPassword = GeneratePassword -Length 8 -CountSmallLetter 3 -CountCapitalLetter 2 -CountNumber 2 -CountSpecial 1
 
Import-Module ActiveDirectory
 
Set-ADAccountPassword -Identity $Username -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $NewPassword -Force) -Server $Server | Out-Null
Set-ADUser -Identity $Username -ChangePasswordAtLogon -Server $Server
 
$NewPassword

Zum Schluss wird das Passwort zurück gegeben.

activedirectory/resetpassword.txt · Zuletzt geändert: 2017/05/18 15:42 von ronny