#This script will generate randdom complex passwords for all AD users
#Using Time class and start reporting
$TimeStamp = [datetime]::Now.ToString(“MM-dd-yyyy-HH-mm”)
Start-Transcript -Path C:\SyncReports\Logs\Logs_$TimeStamp.txt -IncludeInvocationHeader
#Generate report
$Report = [System.Collections.Generic.List[Object]]::new()
#Check if Excel Module is installed, if not it’ll ask to install it
##Check Protocol and Setting Secure Connectivity
[Net.ServicePointManager]::SecurityProtocol
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls, [System.Net.SecurityProtocolType]::Tls11,[System.Net.SecurityProtocolType]::Tls12
#Install PowershellGet and ImportExcel Modules
if (Get-Module -ListAvailable -Name PowershellGet) {
Write-Host “PowershellGet exists”
} else {Install-Module PowershellGet -Force}
if (Get-Module -ListAvailable -Name ImportExcel) {
Write-Host “ImportExcel exists”
}
else {
Write-host “Module does not exist, Would you like to install it?”
$options = [System.Management.Automation.Host.ChoiceDescription[]] @(‘&Yes’, ‘&No’)
if(0 -eq $host.UI.PromptForChoice(‘Install?’ , ‘Would you like to install ImportExcel’ , $Options,0)){
Write-Host “Installing Excel Module”… -fore green
Install-Module -Name ImportExcel
return
}
}
# Import System.Web assembly
Add-Type -AssemblyName System.Web
#Defining where to get users from:
$Users = Get-ADUser -SearchBase “OU=Moh10ly_Users,DC=moh10ly,DC=local” -Filter * -Properties *
#$Users = Import-Csv “C:\SyncReports\Users.csv”
foreach ($User in $Users){
$UID = $User.UserPrincipalName
$ObjectProp = Get-ADUser -Filter {(Mail -like $UID) -or (UserPrincipalName -like $UID)} -Properties *
#Generate New Password
$NewPassword=[System.Web.Security.Membership]::GeneratePassword(32,4)
$Password= ConvertTo-SecureString $newPassword -AsPlainText -Force
$TEXTO = “$newPassword”
$ENCODED1 = [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($TEXTO))
$Name = $ObjectProp.Name
$SAM = $ObjectProp.SamAccountName
if($SAM){
$ReportLine = [PSCustomObject][Ordered]@{
DateandTime = $TimeStamp
UPN = $ObjectProp.UserPrincipalName
DisplayName = $ObjectProp.Displayname
Email = $ObjectProp.Mail
Encoded = $ENCODED1
Password = $newPassword
Error = $ObjectProp.Exception.Message
}
$Report.Add($ReportLine)
#Wait for Email to send
#Start-Sleep -Seconds 15
#Resetting user’s password
Set-ADAccountPassword -Identity $User.SamAccountName -NewPassword $Password -WhatIf
}
else {$Error = Write-Host -f Red “$($User) Couldn’t be found”
#send-mailmessage -from “admin@skybirdtravel.com” -to “admin@skybirdtravel.com” -subject “Password reset didn’t work for $($User.UserprincipalName) on $TimeStamp” -body “$Error” -Priority High -smtpServer mailcleaner.cloudapphost.net}
}
}
Stop-Transcript
Write-Host (“{0} Users processed” -f $Users.count)
#$Report | Out-GridView
$ExcelPassword =[System.Web.Security.Membership]::GeneratePassword(32,4)
$Report | Select-Object UPN,Displayname,Email,Encoded,Password | Export-Csv -NoTypeInformation “C:\SyncReports\UserReset_$TimeStamp.csv”
$Report | Export-Excel “C:\SyncReports\UserReset_$TimeStamp.xlsx” -WorksheetName Users -TableName Users -AutoSize -Password “$ExcelPassword”
$Exported = “C:\SyncReports\UserReset_$TimeStamp.xlsx”
$MailBody = “
<html><body>
<font color=’006400′> Dear Team, Please find attached the list of users and their passwords encoded … `
The file is protected with password // $ExelPassword // If any issue you can send an email to support@domain.com .</font>
<body><html>
“
$CC = @(‘info@moh10ly.com’)
#Get-ChildItem $Exported | send-mailmessage -from “admin@domain.com” -to “report@domain.com” -Cc $CC -subject ” User Passwords List for the date $date” -body “$MailBody” -Priority High -smtpServer relay.domain.com -BodyAsHtml