$logPath="C:\inetpub\changePwd_log.txt"
"=============" + [DateTime]::Now.ToString() + "=============" | Out-File -FilePath $logPath -Append
$sysUsers=",administrator,spadmin,joh,guest,Uwe Kukla,krbtgt,"
#$strFilter = "(&(objectCategory=User)(Department=Finance))"
$strFilter = "(&(objectCategory=User))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$colProplist = "name"
foreach ($i in $colPropList)
{
# $objSearcher.PropertiesToLoad.Add($i)
}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{
$objItem = $objResult.Properties;
#$objItem.name
if($sysUsers.tolower().contains("," + $objItem.name[0].tolower() + ","))
{
continue;
}
$now=[DateTime]::Now.AddHours(-2)
#$now=[DateTime]::Now.AddMinutes(-2)
#$dt=[datetime]::FromFileTimeUtc($objItem.properties.pwdlastset.value)
$dt=[datetime]::fromfiletime($objItem.pwdlastset[0])
#write-host($objItem.name[0])
#if($objItem.name[0].ToLower().Equals("test4"))
#{
# write-host($objItem.name[0] + " " + $dt + " " + $now)
#}
if($now -gt $dt)
{
$secure = convertto-securestring "Abaa11" -asplaintext -force
#write-host($objItem.distinguishedname[0])
#Set-ADAccountPassword -Identity $objItem.name[0] -NewPassword $secure -reset
Set-ADAccountPassword -Identity $objItem.distinguishedname[0] -NewPassword $secure -reset
#write-host($objItem.name[0] + " " + $dt.tostring())
$objItem.name[0] + " " + $dt.tostring() + " " + [DateTime]::Now.tostring() | Out-File -FilePath $logPath -Append
}
##Write-Host ([DateTime]::Now.AddHours(-2).ToString())
#$objItem.pwdlastset
}
浙公网安备 33010602011771号