So I was updating the PowerGUI AD pack the other day and wanted to add random password generation function for Reset Password action.
Here’s the code I came up with:
#Set up random number generator
$rand = New-Object System.Random
#Generate a new 10 character password
1..10 | ForEach { $NewPassword = $NewPassword + [char]$rand.next(33,127) }
#Reset the password
Set-QADUser "Dmitry Sotnikov" -UserPassword $NewPassword
That’s it. I guess I could get more fancy by ensuring that characters from 3 out of 4 character groups are present, etc. but this was the easiest one-liner to keep me going.
Tags: oneliner, AD cmdlets, cmdlets, one-liner, PowerShell, AD, Active Directory, Examples, Password management
HI Dimitry,
I have a function thats not as simple as yours, but does generate complex passwords. It’s filed under the less than obvious post:
http://www.leadfollowmove.com/archives/powershell/powershell-less-code-same-result
I was comparing the same function between VBS and PoSH, and used a password gen function as my sample.
Cheers
Adam 🙂
Hey Adam! Thanks for the link. I agree that technically my oneliner might in some cases fail to generate a complex password but I wanted it so much to be a oneliner! 😉
Anyway, I’m glad you posted a link to your script so folks can find an alternative while reading this post.
Dmitry
Here’s an even simpler call for password generation
If you already have the assembly loaded, you can skip the first line:
[Reflection.Assembly]::LoadWithPartialName(“System.Web”)
Then it really is a one-liner
[System.Web.Security.Membership]::GeneratePassword(10,2)
Wow! Yes, it looks like you can use the method standalone without other Membership functionality, so yes, great tip! Learning something new every day.
hi team,
We are changing the IIS server password every 90 days once.can you please help me to automate the process of changing random password for more than 100 IIS Servers(Windows 2003) using POWERSHELL.
Internet information services-.server name->application pools->default application pool->properties->identity->confiurable->user name:- abc
password:- abc
Thanks in Advance
Shanmugam.u
Is there any method of randomizing a alphabetical character only password?
Thanks
Robbie.
Robbie,
How about this:
1..10 | ForEach { $NewPassword = $NewPassword + [char]((Get-Random -Minimum 65 -Maximum 91) + (Get-Random -Maximum 2)*32) };
If you have more questions, please ask at our AD & PowerShell forum here: http://powergui.org/forum.jspa?forumID=173
Dmitry
watch out you probably shouldn’t use System.random as the random number generator especially if you are planning to use it on very many accounts:
on MSDN
“Random Initializes a new instance of the Random class, using a time-dependent default seed value.” So the more precisely a potential attacker knows of the time at which the passwords where generated the smaller the search space.
what if I want to know what the password it?
The password is in the $NewPassword variable. So just add the line:
$NewPassword
before or after the Set-QADUser and you will see the password in the PowerShell console.