Skip to main content

How difficult would it be to create a worklet to force a password reset on Windows 10 Pro PCs?

That should be doable as long as there’s a powershell command or registry setting we can set. I’ll do some research and see what I find out. If anyone else knows the answer feel free to point me in the right direction!


From some initial poking around it looks like it’s possible:






I’m assuming your use case is for local user accounts that aren’t in AD?


Yes, we are running without AD or an AD domain.


I’ve looked into Jumpstart for managing our PCs, but it seems like so much can be done with Worklets that we can get along with them for the few administrative things we want to do (enforce minimum password security, locked screen savers, etc.)


^JumpCloud


Sounds good. We’re working on creating a bunch of new Worklets so I’ll add this to our list to work on for you.


Thanks!


Sorry for the delay - I finally got some time to work on this and wrote up a worklet here:
 

 

 


This will force local users (non-AD) to change their password the next time they login.
Note that this script will apply this setting to all local users on the Windows machine. It assumes they have the permissions to change their own passwords, but it does make sure that the passwords aren’t set to never expire. If the password is set to never expire then the command to force a password change won’t succeed.
Evaluation code:
Exit 1

The evaluation code just returns an exit code of 1 to make…

 

 

 

 

 

Let me know if that works for you!