Reputation: 3399
Changing Active Directory Password via Batch
I'm trying to write a batch script to automatically change the password of an active directory user.
The:
net user <user> /domain <password>
where <user> & <password> are a user and password of some user on the domain.
Results in:
The request will be processed at a domain controller for domain .
System error 5 has occurred.
Access is denied.
Edit:
I just found out that you need to be the domain controller to be able to run the command.
Is the a way to change a user's password without being the domain controller?
Upvotes: 0
Views: 3952
Answers (1)
Reputation: 70
IT Admins with permissions to change passwords can use the QAD Powershell cmdlets to change passwords for accounts. Here’s an example of the Powershell command to run:
Set-QADUser -Identity <account_name> -Proxy -UserPassword <new_password>
For users without elevated permissions to set passwords on other accounts, there is still a Powershell option. You will need to have the Microsoft ActiveDirectory powershell module installed and know the previous password. Here’s some sample code how to accomplish this:
Set-ADAccountPassword -Identity <ADAccount>
This will then prompt for the previous password, and then ask for the new password twice.
For example if you want your process perform automatically:
Set-ADAccountPassword -Identity $username -OldPassword (ConvertTo-SecureString -AsPlainText $oldPass -Force) -NewPassword (ConvertTo-SecureString -AsPlainText $newPass -Force)
Upvotes: 1
Related Questions
- How to programmatically change Active Directory password
- Batch - change account password with imput
- Change password for all users accounts in command prompt
- Change Password Windows AD C#
- c# Change AD password Directoryservices
- SQL SA Password change
- net user Administrator password difference between running in .bat and from cmd?
- Bat files - Update username password
- writing a .bat file to change a user password on certain dates
- Change Windows user password remotely using .NET