Open
Description
Set-EntraUserPassword and Set-EntraBetaUserPassword commands are not changing user's password.
They are changing a password profile.
Accurate names should be Set-EntraUserPasswordProfile and Set-EntraBetaUserPasswordProfile
Parameter names are also misleading and not in sync with the property names they are changing.
Alias parameters should be created, if you want to be accurate, but also backward compatible with AzureAD.
PS> gcm Set-EntraUserPassword -Syntax
Set-EntraUserPassword [-Password] <securestring> [[-ForceChangePasswordNextLogin] <bool>] [-ObjectId] <string> [[-EnforceChangePasswordPolicy] <bool>] [<CommonParameters>]PS> (Get-EntraUser -Top 1).passwordprofile | gm -MemberType noteproperty
TypeName: System.Management.Automation.PSCustomObject
Name MemberType Definition
---- ---------- ----------
forceChangePasswordNextSignIn NoteProperty bool forceChangePasswordNextSignIn=True
forceChangePasswordNextSignInWithMfa NoteProperty bool forceChangePasswordNextSignInWithMfa=False
password NoteProperty object password=null-ForceChangePasswordNextLogin --> -ForceChangePasswordNextSignIn
-EnforceChangePasswordPolicy --> -ForceChangePasswordNextSignInWithMfa
-ObjectId --> -UserId
Is there a reason to have -ForceChangePasswordNextLogin and -EnforceChangePasswordPolicy as Boolean instead of switch parameters?