Friday, January 27, 2017

Generating Multiple Strong Passwords with PowerShell

One of my customer accounts created many "service" accounts for Common Area Phones, and there is a requirement that the passwords on those accounts be changed periodically. There are a several hundred of these accounts, so I needed a way to generate strong passwords for all the accounts and give them to me in a format I can use to either hand over to the team that will be changing those passwords, or that I can "pull" into another script to change the passwords. With this in mind,  I wrote a script to generate strong passwords for the service accounts. It can run on any computer that has PowerShell. You will need a list of account names to generate the passwords for. This list needs to be in a CSV and the accounts need to be in a column named “SamAccountName”.  



When you run the script, you’ll be prompted for the file path and name that needs to be imported. If the file is in the current directory, then just type the filename, i.e. caps.csv.



The output file will open when the script is complete, and can be found in the current directory:



 And will look like:



 

To use this, cut and paste the following into a file and save it as “New-Passwrods.ps1” :

 

<# 

.SYNOPSIS 

       This script generates a new AD Password for each SamAccountName given from a CSV file.

 

.EXAMPLE

    .\New-Passwords.ps1

 

    Reads Input file and creates a new password for each username and then outputs them

    to a csv called NewPWList.csv

 

 

.NOTES 

  Version                         : 0.1

  Rights Required                 : Standard

  Lync Version                    : 2013 (Tested on CU May 2016)

  Author                          : Sean McNamara - sean@sean-mcnamara.me

  Last Update                     : 27-January-2017

  Disclaimer                      : It's up to you to thoroughly test this script before using.
                                    I accept no responsibility for any unplanned issues this may cause.

 

.VERSION

  0.1 - Initial Version

 

#>

 

$File = Read-Host -Prompt 'Full path and name of file to import, please.'

$CAPS = Import-csv $File

 

$resultsarray = @()

Add-Type -AssemblyName System.Web

 

 

foreach($CAP in $CAPS){

    $NewPW = [System.Web.Security.Membership]::GeneratePassword(15,2)

    #$Result += $CAP.SamAccountName, $NewPW

    $PWObject = New-Object PSObject

    $PWObject |Add-Member -MemberType NoteProperty -Name "SamAccountName" -Value $CAP.SamAccountName

    $PWObject |Add-Member -MemberType NoteProperty -Name "NewPassword" -Value $NewPW

    $resultsarray += $PWObject

    }
$resultsarray |Export-csv .\NewPWList.csv -notype

Invoke-Item .\NewPWList.csv


 
I hope some of you out there will find this useful. Feel free to play with it. Thanks.