Question : Enabling "User must change password at first login"

So my code has been working fine for a while now.  I attempted to get the "User Must Change Password at First Login" to be checked, but it NEVER worked.  All the rest is fine, like I said.

I think my issue lies with not Powershell, but with ADSI.  I looked around for a couple days on the net a while back, and didn't find a way to do this.  I tried to to use the -objectAttributes custom change, but that didn't work either.  From what I recall, if you change the pwdLastSet to 0, and then set userAccountControl to 512, you should be able to get the "User Must Change..." to be checked.  Obviously this didn't work.  Anyone have any ideas?  BSonPosh?  I got some more questions for you after this one too, so stay tuned :)

And also I have QAD addin installed.  At the time I write this script (February I think), I had the latest QAD release.  I don't think the problem resides in the QAD though.  In thinking about this as I'm writing, I'm also wondering if I would have to change that attribute AFTER I create the account.  Which I think I might have tried, but I can't really recall.

Thanks for any help in advance.
Code Snippet: 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:

New-QADUser -ParentContainer 'ou=NewUsers, ou=Users, dc=Contoso, dc=com' `
 -Name $strName `
 -Description $strDescription `
 -sAMAccountName $sAMAccountName `
 -UserPrincipalName $userPName `
 -lastName $strLast `
 -FirstName $strFirst `
 -displayName $strDisplayName `
 -userPassword 'userPassword' `
 -office $strOffice `
 -phone $strPhone `
 -objectAttributes @{accountExpires = '123123432000000000'; `
 scriptPath = 'logon.bat'; `
 pwdLastSet = '0'; `
 userAccountControl = '512'}
Open in New Window Select All

Answer : Enabling "User must change password at first login"

Setting pwdLastSet to "0" should indeed check that box in the GUI. The userAccountControl is not needed. That just enable/disables the user. Quest has cmdlets for those enable-qaduser.

Why are you setting accountExpires?

And yes... you should do a two step process (three really)
create user
set properties
enable user
Random Solutions  
 
programming4us programming4us