In this guide, I’ll show you how to use the AD Bulk updater tool to reset the password for multiple Active Directory users.
The bulk user updater uses a CSV file to make bulk changes to user accounts. You could use the same password (not recommended) or provide a different password for each user.
You will need the username of each account that you want to reset. You could easily get a list using PowerShell or use the user export tool that is included with the bulk updater. With the export tool, you can quickly export all domain users, export from an OU or a group.
Let’s get started.
Step 1: CSV File Setup
Click the Bulk Update button to generate a CSV template file.
Now add the usernames to Column A and the password to Column B.
For this demo, I’m going to reset the password for all the users in my Accounting OU (258 user accounts). Here is a screenshot of my CSV file.
If you want to enable “user must change password at next logon” add a pwdLastSet column to the CSV and set it to 0.
I used an online tool to generate a bunch of random passwords. That is it for setting up the CSV. Easy stuff! Move to step 2.
Step 2: Run the Bulk updater tool
With the Bulk Updater tool open select the CSV file, make sure “Update users” is selected, and click run.
When the update is complete click the log button and make sure there are no errors in the logs.
Success! I just updated the password for over 200 users and it was super fast.
Bulk Password Reset Best Practices
There should be specific use cases for doing a bulk password reset. In my experience, this is not a common task. Here are a few best practices and use cases for doing a bulk password reset.
- Set a different password for each user. It is a huge security risk if every users has the same password (triple the security risk if you email the password to the users)
- Make sure your supervisor and the helpdesk know your doing a bulk password reset.
- Account compromised – If it was a single account that was compromised then a reset probably is not needed. If you know of multiple accounts that fell victim to a phishing email or some credential stealing virus then yes a bulk reset is needed.
- New account setup – Maybe something went wrong with during the new account setup or you forgot what password you set.
- Do not set passwords to never expire
- Set long password (12+ characters)
In this guide, I showed you how to use the bulk update tool to reset the password for multiple users. The bulk update tool comes with a CSV template that allows you to bulk update user account properties. In addition to resetting passwords, you can update users’ display name, email addresses, company, department, address, and more.