Manachi Manachi - 3 months ago 20
PowerShell Question

How to automatically populate Active Directory hashedPassword field using PowerShell

I'm working with a client who is attempting to import AD users via

PowerShell
. The following command is being used as an initial test:

New-ADUser -Name "John Smith" `
-SamAccountName Smithbor `
-GivenName John `
-Surname Smith `
-EmailAddress john.smith@stackoverflow.com `
-Path 'OU=Users,DC=stackoverflow,DC=com' `
-ChangePasswordAtLogon $false `
-Enabled $true `
-AccountPassword (ConvertTo-SecureString -AsPlainText "foo12345678" -Force)


This appears to work, in that it correctly creates an AD user, however the
hashedPassword
field is not being populated, and this
hashedPassword
field is required for some further integration. Is there a way to automatically populate the
hashedPassword
field at this stage?

Answer

Sometimes the password setting can fail due to password policy restrictions. You could try using Set-ADAccountPassword to set the password after the account has been created.

Set-ADAccountPassword -Identity username -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "password" -Force)