Below I have some code that will ask the user for their admin credentials and if they’re within that domain, the script proceeds and then resets the password of a user of their choosing. It works…but, the one I’m writing this for wants to be able to bypass the prompt that comes up by default asking for the user’s existing password before it gets reset. He doesn’t know everyone’s password and would rather not dig for it. I cannot find ANYTHING on how to do this online. Does anyone have suggestions? I have my code below and the lower half is just the addition of a text box so you can ignore it. Thanks!
# Function to generate a random password
function Generate-RandomPassword {
param (
[int]$Length = 12
)
$charPool = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()-_=+[]{}|;:',.<>/?"
$password = ""
for ($i = 0; $i -lt $Length; $i++) {
$password += $charPool[(Get-Random -Minimum 0 -Maximum $charPool.Length)]
}
return $password
}
# Prompt user to enter admin credentials
$AdminUsername = Read-Host "Enter the admin username"
$AdminPassword = Read-Host "Enter the admin password" -AsSecureString
$AdminCredential = New-Object System.Management.Automation.PSCredential($AdminUsername, $AdminPassword)
# Verify if the provided admin is in the domain
$AdminExists = Get-ADUser -Filter {SamAccountName -eq $AdminUsername} -Credential $AdminCredential -ErrorAction SilentlyContinue
if ($AdminExists) {
# Prompt user to enter a username
$Username = Read-Host "Enter the username for which you want to change the password"
# Check if the Active Directory user exists
$UserExists = Get-ADUser -Filter {SamAccountName -eq $Username} -ErrorAction SilentlyContinue
if ($UserExists) {
# Generate a random password
$RandomPassword = Generate-RandomPassword
# Change the user's password
$SecurePassword = ConvertTo-SecureString -AsPlainText $RandomPassword -Force
Set-ADAccountPassword -Identity $Username -NewPassword $SecurePassword -Credential $AdminCredential
# Output the random password in a text box
Add-Type -AssemblyName PresentationFramework
$TextBox = New-Object Windows.Forms.TextBox
$TextBox.Multiline = $true
$TextBox.Text = $RandomPassword
$TextBox.SelectAll()
$Form = New-Object Windows.Forms.Form
$Form.Text = "Random Password"
$Form.Size = New-Object Drawing.Size(300, 100)
$Form.Controls.Add($TextBox)
$Button = New-Object Windows.Forms.Button
$Button.Text = "Copy Password"
$Button.Add_Click({
$TextBox.SelectAll()
$TextBox.Copy()
$Button.Text = "Copied!"
})
$Form.Controls.Add($Button)
$Form.ShowDialog()
# Log the operation in a text file
$LogEntry = "Date: $(Get-Date), Admin: $AdminUsername, User: $Username"
$LogPath = "C:Temp"
Add-Content -Path $LogPath -Value $LogEntry
} else {
Write-Host "User '$Username' not found in Active Directory. Please enter a valid username."
}
} else {
Write-Host "Invalid admin credentials. Please make sure the provided admin is in the domain."
}
