In this post, you will learn how to reset a user password in Active Directory.
How to Reset Password in Active Directory
In this example, I’ll use ADUC to reset a user’s password.
- Open Active Directory Users and Computers Console (ADUC).
- Browse or search for the user account.
- Right-click the account and select “Reset Password”.
- Enter and confirm the new password.
- Click OK.
Reset Password in Active Directory (Detailed Instructions)
This option requires remote server administration tools (RSAT) installed on your local computer or a server. You can reset passwords from the domain controller (server running Active Directory) but it is not the preferred option.
Step 1. Open ADUC
ADUC is located in the Windows Administrative Tools folder. I like to pin this program to the taskbar for quick access.
Step 2. Find the User Account
You can browse the directory or search for the locked user account.
In this example, I’m going to search for the account Adam.Reed.
Click the Search Icon.
Enter the user’s name. You can enter the first name, last name, both, or the logon name to find the account.
Click Find Now.
Step 3. Reset Password
The last step is to right click the account and select “Reset Password”
Tip: The Reset Password box will show you if the account is locked out.
Enter the new password, and confirm the password.
If you want to require the user to change their password at the next logon then check the box “User must change password at next logon”
Click OK.
You will get a confirmation message.
That’s it for option 1. In the next section, I’ll show you how to reset passwords with PowerShell.
Reset AD User Password using PowerShell
Use this command to reset a user’s password with PowerShell. You will need the user’s logon name to identify the account to reset.
Set-ADAccountPassword -Identity adam.reed -resetYou will be prompted to enter a new password.
To require the user to change the password at the next logon use this command.
Set-ADUser -Identity adam.reed -ChangePasswordAtLogon $trueTo verify the password has been reset use this command.
Get-ADUser adam.reed -Properties * | select name, pass*The above command will show the user’s PasswordLastSet date.
Reset AD User Password using PowerShell
Use this command to reset a user’s password with PowerShell. You will need the user’s logon name to identify the account to reset.
Set-ADAccountPassword -Identity adam.reed -resetYou will be prompted to enter a new password.
To require the user to change the password at the next logon use this command.
Set-ADUser -Identity adam.reed -ChangePasswordAtLogon $trueTo verify the password has been reset use this command.
Get-ADUser adam.reed -Properties * | select name, pass*The above command will show the user’s PasswordLastSet date.
AD Password Reset using AD Pro Toolkit
In this example, I’ll use the AD Pro Toolkit to reset a password. With this tool you can easily, unlock, reset, and check the password status on user accounts.
Step 1. Search for the user account
Step 2. Select the account and click “Reset Password”.
Enter new password and click OK. Optionally you can select “User must change password at next logon”.
With the toolkit you can also easily check users password expiration date.
When you select the account, it will display important account information in the user details box.
To get the password expiration date for all users run the “Password expiration date” report.
These reports come in useful for auditing user passwords and meeting security requirements.
In this article, I showed you three options on how to reset a user password in Active Directory. I recommend you try out all three options and see which one works best for you. If you have questions or a comment, please post them below.
hey @Robert. Can you please compose a guide on how to disable startup apps for domain users using gpo?
Yes. Thanks for the suggestion.