Force all AD user account change their password at next logon using PowerShell

Updated: Aug 2, 2019

In this post this time, I will show how to force your AD user to change their password at next logon, but this time we use Powershell instead of GUI.

Sometime it happen that your user need to have their own password & they prefer to change by them-self , so as a Server Admin, you just execute few PowerShell command and all your users can change their own password on their next restart.

So lets get started then....

1 - on your AD Server, open PowerShell, and type Get-ADUser -Filter * -SearchBase "ou=MelakaBranch,dc=cpx,dc=local" | Format-Wide DistinguishedName

-- This command you just execute is to verify that you have full of users listed in that particular OU.

-- for this demo I'm using MelakaBranch OU (for those who follow my blog, you notice since the beginning of all deployment, i'm using the same OU for demo purposes)


2 - next, type this command to allow all users in that particular OU (MelakaBranch) to change their password at next logon.

Get-ADUser -Filter * -SearchBase "ou=MelakaBranch,dc=cpx,dc=local" | Set-ADUser -ChangePasswordAtLogon $true

3 - Next, turn on your Windows 8 machine, key in one of the user name available in MelakaBranch OU, for this demo I'm using user name Dylan.


4 - Dylan have to enter his own password here.. and press enter


5. and finally, your user now set his own password.


Contact Us

Our Office :

OSI TECHNOLOGY SDN BHD

16-1 Jalan Opera D U2/D,

Taman TTDI Jaya,

40150 Shah Alam,

Selangor Darul Ehsan

Tel : 603 7846 3080

Fax : 603 7848 3180

Email : info_osi@osi.com.my

Training Centre & Exam Centre : 

OSI TECHNOLOGY SDN BHD

20-1 Jalan Opera G U2/G,

Taman TTDI Jaya,

40150 Shah Alam,

Selangor Darul Ehsan