In this post, you will learn how to reset a user password in Active Directory.
How to Reset Password in Active Directory
In this example, I’ll use ADUC to reset a user’s password.
- Open Active Directory Users and Computers Console (ADUC).
- Browse or search for the user account.
- Right-click the account and select “Reset Password”.
- Enter and confirm the new password.
- Click OK.
Method #2 Password Reset Tool
In this example, I’ll use the AD Password Reset Tool that is included in the AD Pro Toolkit.
Step 1: Browse or search for the user.
Step 2. Select the reset options and click “Reset Account”.
When you click the “reset account” button you will get a popup confirming that the password was changed.
Reset Password in Active Directory (Detailed Instructions)
This option requires remote server administration tools (RSAT) installed on your local computer or a server. You can reset passwords from the domain controller (server running Active Directory) but it is not the preferred option.
Step 1. Open ADUC
ADUC is located in the Windows Administrative Tools folder. I like to pin this program to the taskbar for quick access.
Step 2. Find the User Account
You can browse the directory or search for the locked user account.
In this example, I’m going to search for the account Adam.Reed.
Click the Search Icon.
Enter the user’s name. You can enter the first name, last name, both, or the logon name to find the account.
Click Find Now.
Step 3. Reset Password
The last step is to right click the account and select “Reset Password”
Tip: The Reset Password box will show you if the account is locked out.
Enter the new password, and confirm the password.
If you want to require the user to change their password at the next logon then check the box “User must change password at next logon”
Click OK.
You will get a confirmation message.
That’s it for option 1. In the next section, I’ll show you how to reset passwords with PowerShell.
Reset AD User Password using PowerShell
Use this command to reset a user’s password with PowerShell. You will need the user’s logon name to identify the account to reset.
Set-ADAccountPassword -Identity adam.reed -resetYou will be prompted to enter a new password.
To require the user to change the password at the next logon use this command.
Set-ADUser -Identity adam.reed -ChangePasswordAtLogon $trueTo verify the password has been reset use this command.
Get-ADUser adam.reed -Properties * | select name, pass*The above command will show the user’s PasswordLastSet date.
Password Reset Tool (Detailed Instructions)
Step 1. Click on Password Reset from the management tools page.
Step 2. To reset a user account click browse to browse for the account or click search.
In this example, I’ll reset the user Alonso.Hall.
Step 3. Select the reset options and click the reset account button.
In this example, I’m going to reset the password and set the account to change password at next logon.
When you click the “reset account” button you will get a popup.
Step 4. To find all locked users click the “Check for Locked Users” button.
To unlock an account right click and select “unlock”.
The AD Pro Tool also includes several password status reports.
For example, to get the password expiration date for all users run the “Password expiration date” report.
These reports come in useful for auditing user passwords and meeting security requirements.
In this article, I showed you three options on how to reset a user password in Active Directory. I recommend you try out all three options and see which one works best for you. If you have questions or a comment please post them below.
hey @Robert. Can you please compose a guide on how to disable startup apps for domain users using gpo?
Yes. Thanks for the suggestion.