https://github.com/tools4everbv/helloid-task-sa-target-activedirectory-accountpasswordreset
Active Directory - User account reset password
https://github.com/tools4everbv/helloid-task-sa-target-activedirectory-accountpasswordreset
active-directory delegated-form powershell product service-automation task
Last synced: about 1 year ago
JSON representation
Active Directory - User account reset password
- Host: GitHub
- URL: https://github.com/tools4everbv/helloid-task-sa-target-activedirectory-accountpasswordreset
- Owner: Tools4everBV
- Created: 2023-02-28T14:56:40.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-01-09T15:11:06.000Z (over 2 years ago)
- Last Synced: 2025-02-25T22:13:46.969Z (over 1 year ago)
- Topics: active-directory, delegated-form, powershell, product, service-automation, task
- Language: PowerShell
- Homepage:
- Size: 28.3 KB
- Stars: 0
- Watchers: 4
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: readme.md
Awesome Lists containing this project
README
# HelloID-Task-SA-Target-ActiveDirectory-AccountPasswordReset
## Prerequisites
- [ ] The HelloID SA on-premises agent installed
- [ ] The ActiveDirectory module is installed on the server where the HelloID SA on-premises agent is running.
## Description
This code snippet will administratively reset the password a user within Active Directory and executes the following tasks:
1. Define a hash table `$formObject`. The keys of the hash table represent the properties required for the execution of the password reset task, while the values represent the values entered in the form.
> To view an example of form output, please refer to the JSON code pasted below.
```json
{
"UserPrincipalName": "testuser@mydomain.local",
"password" : "mySecretpassword191287436235^",
"ChangePasswordAtNextLogon" : true
}
```
> :exclamation: It is important to note that the names of your form fields might differ. Ensure that the `$formObject` hashtable is appropriately adjusted to match your form fields.
2. Imports the ActiveDirectory module.
3. Verifies that the account of which the password must be reset exists based on the `userPrincipalName` using the `Get-ADUser` cmdlet.
4. If the account does exist, the password is reset using the `Set-ADAccountPassword` cmdlet, otherwise an error is generated.
5. After succesfully resetting the password, the `Set-ADUser` cmdlet is run to set the flag "user must change password at next logon" to the specified value.