How to Reset an AD User Password Using PowerShell

In this blog post, I’ll show you How to Reset an AD User Password Using PowerShell module for Active Directory.

How to Reset an AD User Password Using PowerShell

Using PowerShell for user management Is one of the most effective administration options we have because it allows us to shorten tasks that take hours and reduce them to minutes.

This module is the most popular PowerShell module after the Exchange Server Module.

About Active Directory

Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks, It is included in most Windows Server operating systems as a set of processes and services.

AD PowerShell Module

The Active Directory PowerShell Module was released with Windows Server 208 R2 and have more than 80 cmdlets that allow us to manage AD.

With the latest module, we can fully manage Active Directory from PowerShell without using the console at all.

How to create an Active Directory user using PowerShell
How to Configure Fine-Grained Password Policies on Windows Server 2016

PowerShell

PowerShell (including Windows PowerShell and PowerShell Core) is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework and .NET Core. Initially a Windows component only, PowerShell was made open-source and cross-platform on 18 August 2016.

In PowerShell, administrative tasks are generally performed by cmdlets (pronounced command-lets), which are specialized .NET classes implementing a particular operation.

Reset Password

In the example below I have a user called Mike Victor that I’ll use PowerShell AD to reset his password.

Before you reset the password, You will need to Install the Active Directory management console on your workstation or use the Domain Controller to run the cmdlet.

To reset the password, I’ll use the SET-ADACCOUTPASSORD cmdlet with the user details.

The code below will reset the password:

Set-ADAccountPassword mike -Reset -NewPassword (ConvertTo-SecureString -AsPlainText “Password2017” -Force -Verbose) -PassThru

If you want to force the user to change the password at the next login run the cmdlet below:

Set-ADUser -Identity mike -ChangePasswordAtLogon $true

To set the password to never expire and changed at login run the cmdlet below:

Set-ADUser -Identity mike -ChangePasswordAtLogon true -PasswordNeverExpires $true
How to Reset an AD User Password Using PowerShell
How to Reset an AD User Password Using PowerShell

You can verify that the password was reset successfully, I’ll run the cmdlet below:

Get-ADUser mike -Properties * | select name, pass*
verify that the password was reset successfully
verify that the password was reset successfully

Conclusion

The Active Directory PowerShell module Is one of the most powerful modules In Windows Servers are worth learning.

Related Articles:

How to Restart Active Directory Domain Services
How To Add An Active Directory Domain UPN Suffix
How to remove a server from being a Global Catalog host in AD
  • BIGshayne

    I know this is a few months old but I am attempting to use this to make a script for when we are on call or out of the office…

    How would I combine the reset with the change at next logon? I am using the below to get the password to reset to a predetermined phrase and I need to somehow pipe or add in the change at next logon.

    $input = Read-Host -Prompt “Enter username”
    Set-AdAccountPassword -Identity $input -Reset -NewPassword (ConvertTo-SecureString -AsPlainTest “” -Force)

    How can I add the -ChangePasswordAtLogon to that?




Search blogs




Bitnami