DRAG DROP
A company has 50 employees that use Office 365.
You need to enforce password complexity requirements for all accounts.
How should you complete the relevant Windows PowerShell command? To answer, drag the
appropriate Windows PowerShell segment to the correct location or locations. Each Windows
PowerShell segment may be used once, more than once, or not at all. You may need to drag the split
bar between panes or scroll to view content.
Answer: 
Explanation:
Now by no way am I a Powershell expert….but to me that look like it would change the password and not force a change.
Am I wrong? Show me why please
By default users will be forced to change password on login
This answer is tricky in the wording (You need to reset all passwords for all users, AND force a password change on next login)
By default ForcePasswordChange is set to $true, in order to bypass it in a script you have to change it to 0 or $false.
Get-MSOLUser -ALL | Set-MSOLUserPassword -ForceChangePassword $true
Would accomplish the 2nd part of the question, but not the first. Making the answer above the only one that is correct.
http://msdn.microsoft.com/en-us/library/azure/dn194140.aspx
Clear explanation Fixy This. Answer is correct.
Tested it in WAAD module for Powershell to my office365 trail and it worked as in the question.
is the answer above is correct
In my opinion we have use -ForceChangePassword $True, because it will force end user change the their password, in theory we are reseting and changing in the same time and you use newpassword option, the end user will be necessary to know the new password but is not mandatory to change it..
Get-MsolUser -all | Set-MsolUserPassword -NewPassword Pass#123#
will change password for all user to Pass#123# and on next logon everbody must change password before use. So this anserwer is correct.
Just finished test on my M$ account
See example 2 on this page:
https://msdn.microsoft.com/en-us/library/azure/dn194140.aspx
***********
Example 2
This command resets the password for [email protected]. The user will be required to reset the password on next sign in.
Set-MsolUserPassword -userPrincipalName [email protected] -NewPassword Nula8787
***********
It is just a stupid question, but I think the answer is correct, and when creating a new passwd, they are by default required to change it on next logon. Only setting -ForceChangePassword $true, does not reset their password (only after they login and change it)
What makes it stupid is that you would never want to do this in a real life situation, to reset all users password to the same…
To be Frank, I agree with Frank π
I think this answer is inherently incorrect. Should this not be:
Get -MsolUser |
Set -MsolUserPassword -StrongPasswordRequired
???
If not, can someone point me to where this is in a MS article somewhere?
The correct answer is
Set-MsolUser -StrongPasswordRequired
https://msdn.microsoft.com/en-us/library/azure/dn194136.aspx
Set-MsolUserPassword does not have an option for -StrongPasswordRequired
https://msdn.microsoft.com/en-us/library/azure/dn194140.aspx
I’d say it’s
Get-MSOLUser -All | Set-MsolUserPassword -ForceChangePassword
As other users have commented, the aim is to force them to change the password so that it’s reset. Forcing the user to change the password will ensure that the password is reset.
Using -NewPassword will change everyone’s password to the same thing. This is bad from a security viewpoint and it won’t ask them to change the password when they next login.
“and it wonβt ask them to change the password when they next login.”
Yes it will. As several people before have posted explicitly, with the relevant links.
The question asks for two things: resetting the password for all users, and also forcing them to change their password on first logon.
By default, forcing a password reset using powershell with a specific password set will change the password, AND force the user to change it on next logon.
I agree
Tingz is correct! Thank you!
From my testing:
1. If you run the -ForceChangepassword $true it would reset and provide the new random password for all the users, its damn list everything you are not sure which is for which user :(.
2 . If you run the -Newpassword with the common password for all the users, and pass the single password to all the users, once they login to the portal it would ask them reset the password by default. Verified from my end. So this would be ideal option.
Set-MsolUserPassword only dealts with a single user, but in this case its 50 users
C:\PS>Set-MsolUserPassword -userPrincipalName [email protected] -NewPassword “pa$$word”
Returns the user’s new password.
Description
———–
This command resets the password for [email protected]. The user will be required to reset the password on next sign in.
Set-MsolUserPassword will set the password π