Checkout this mate: How do I modify Active Directory attributes for all members of an Organizational Unit in my domain? http://www.jsiinc.com/SUBP/tip7700/rh7785.htm <http://www.jsiinc.com/SUBP/tip7700/rh7785.htm> -----Original Message----- From: windows2000-bounce@xxxxxxxxxxxxx [mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Puetz, Christoph (TH USA) Sent: 25 October 2004 21:13 To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Force Password change on next logon I am trying to set the "User must change password at next logon" flag on all user in a specific OU. I had no problems getting a script to work that does it per user. But it is quite cumbersome if you have several hundred users in that OU. Any idea how to do it per OU and all users listed in that OU? The code I have so far is: Set objUser = GetObject _ ("LDAP://CN=myerken,OU=management,DC=Fabrikam,DC=com";) objUser.Put "pwdLastSet", 0 objUser.SetInfo I also tried the code below but it does not work. Anyone here who eventually can help me figure that out or has an existing script that resets the flag to force a password change on the next logon? Christoph Option Explicit Dim objOU, objUser, objRootDSE Dim strContainer, strLastUser, strDNSDomain, intCounter, intAccValue Set objRootDSE = GetObject("LDAP://RootDSE";) strDNSDomain = objRootDSE.Get("DefaultNamingContext") strContainer = "OU=test ," intAccValue = 544 strContainer = strContainer & strDNSDomain set objOU =GetObject("LDAP://"; & strContainer ) WScript.Quit