$logPath="C:\inetpub\changePwd_log.txt" "=============" + [DateTime]::Now.ToString() + "=============" | Out-File -FilePath $logPath -Append $sysUsers=",administrator,spadmin,joh,guest,Uwe Kukla,krbtgt," #$strFilter = "(&(objectCategory=User)(Department=Finance))" $strFilter = "(&(objectCategory=User))" $objDomain = New-Object System.DirectoryServices.DirectoryEntry $objSearcher = New-Object System.DirectoryServices.DirectorySearcher $objSearcher.SearchRoot = $objDomain $objSearcher.PageSize = 1000 $objSearcher.Filter = $strFilter $objSearcher.SearchScope = "Subtree" $colProplist = "name" foreach ($i in $colPropList) { # $objSearcher.PropertiesToLoad.Add($i) } $colResults = $objSearcher.FindAll() foreach ($objResult in $colResults) { $objItem = $objResult.Properties; #$objItem.name if($sysUsers.tolower().contains("," + $objItem.name[0].tolower() + ",")) { continue; } $now=[DateTime]::Now.AddHours(-2) #$now=[DateTime]::Now.AddMinutes(-2) #$dt=[datetime]::FromFileTimeUtc($objItem.properties.pwdlastset.value) $dt=[datetime]::fromfiletime($objItem.pwdlastset[0]) #write-host($objItem.name[0]) #if($objItem.name[0].ToLower().Equals("test4")) #{ # write-host($objItem.name[0] + " " + $dt + " " + $now) #} if($now -gt $dt) { $secure = convertto-securestring "Abaa11" -asplaintext -force #write-host($objItem.distinguishedname[0]) #Set-ADAccountPassword -Identity $objItem.name[0] -NewPassword $secure -reset Set-ADAccountPassword -Identity $objItem.distinguishedname[0] -NewPassword $secure -reset #write-host($objItem.name[0] + " " + $dt.tostring()) $objItem.name[0] + " " + $dt.tostring() + " " + [DateTime]::Now.tostring() | Out-File -FilePath $logPath -Append } ##Write-Host ([DateTime]::Now.AddHours(-2).ToString()) #$objItem.pwdlastset }