Setting passwords for multiple users

Scenario description

In this scenario we will demonstrate how to bulk set the password for a group of users.
 
Perhaps you have a new group of volunteers who come in once a week to help out or you provide demo workstations for use at a conference. A bulk password change can be useful to change generic logins on a regular basis. By designating a group of users by a department you can bulk reset passwords based on that department name.
 
In this example we will reset all users in the “Volunteers” department, but to do this we need to export the Office 365 usernames to a CSV file. It is a good idea to review the names contained in the CSV file to ensure you have identified the correct users before resetting any passwords.

Once we have a validated list of users in CSV format, we have three simple methods to create and assign a new password to each user, depending on your use case.
 
Note: We have also included a command to force a password reset upon login but this is optional.

Connect to Azure Active Directory and setting passwords for multiple users

To begin, you will need to connect to Azure Active Directory.
Import-Module MSOnline
$credential = get-credential
Connect-MsolService -Credential $credential

This command will export a list of all users in the “Volunteers” department to a CSV file. It is a good idea to review the names contained in the CSV file FIRST to ensure you have identified the correct users.

Get-MsolUser | Where { $_.department -eq "Volunteers" } | select UserPrincipalName | Export-Csv .\volunteers.csv -NoTypeInformation
Once you have a list of users in a CSV file, here are three ways you can configure a new password for each.

1. Set a single password and assign the same password to all users

2. Manually define a new password for each user and assign in bulk.

3. Have Azure AD automatically generate a password for each user, and assign in bulk.

Option 1: In this option, you will assign a password to a variable and assign it to all the users in the “Volunteers” department CSV file that you exported previously. Set new password (note that it must comply with the password policy of 9-16 characters, with at least one number or special character). 

This script will also enforce a password change.

$PASS = 'New@PassWord'
Import-Csv .\Volunteers.csv | ForEach-Object {Set-MsolUserPassword -userPrincipalName $_.UserPrincipalName -NewPassword $PASS -ForceChangePassword $True}

Option 2: In this option, you will be manually assigning a password to each user in the “Volunteers” department CSV file that you exported previously. First, you would need to add a column next to the UserPrincipalName labelled Password and then assign a password to all the users in the list.

This script will also enforce a password change.

Import-Csv .\Volunteers.csv | ForEach-Object {Set-MsolUserPassword -userPrincipalName $_.UserPrincipalName -NewPassword $_.Password -ForceChangePassword $True}

Option 3: In this option, Azure AD will automatically generate and assign a password to each user. This script will return a list of the UserPrincipalNames and their new passwords once complete.

Import-Csv .\Volunteers.csv | ForEach-Object {[string[]]$a+= $_.UserPrincipalName + "  " + (Set-MsolUserPassword -userPrincipalName $_.UserPrincipalName -ForceChangePassword $True)} ;$a