To force user to change at next login and log them out.
Install-Module Microsoft.Graph.Users -Scope AllUsers -Force
Install-Module Microsoft.Graph.Users.Actions -Scope AllUsers -Force
Import-Module Microsoft.Graph.Users
Import-Module Microsoft.Graph.Users.Actions
Connect-MgGraph -Scopes "User.ReadWrite.All", "Directory.AccessAsUser.All"
$email = "user@domain.com"
# Force password change at next login
Update-MgUser -UserId $email -PasswordProfile @{ ForceChangePasswordNextSignIn = $true }
# Confirm it's flagged
Get-MgUser -UserId $email -Property PasswordProfile | Select-Object UserPrincipalName, @{Name="ForceChange";Expression={$_.PasswordProfile.ForceChangePasswordNextSignIn}}
# Revoke sign-in sessions (log them out of everything)
Revoke-MgUserSignInSession -UserId $email
No comments:
Post a Comment