Pricing  Get Quote
 
 

How to reset Active Directory domain passwords

The following is a comparison between resetting Active Directory domain passwords using Windows PowerShell and ADSelfService Plus:

With PowerShell

  • Reset a password for a user account using a distinguished name
    Executing this code will reset the password for a single user by their distinguished name.
    Set-ADAccountPassword -Identity 'CN=John Smith,OU=Accounts,DC=Fabrikam,DC=com' -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "password@123" -Force)
    
     Copied
    Click to copy entire script
  • Reset passwords for users by OU and group membership.
    Not supported.

With ADSelfService Plus

  • For users: Self-service password reset, i.e., password reset without admin intervention
    • Go to ADSelfService Plus admin portal.
    • Navigate to Configuration > Self-Service > Policy Configuration.
    • Select Password Reset.
      self-service-ad-password-reset-powershell-script-1
    • Click Select OUs/Groups to granularly select which set of users need to be empowered with self-service account unlock feature.
      self-service-ad-password-reset-powershell-script-2
    • Click Save.
  • For admins: Reset all users in a domain
    • Go to ADSelfService Plus admin portal.
    • Navigate to Configuration > Self-Service > Policy Configuration > Advanced.
      self-service-ad-password-reset-powershell-script-3
    • Enable Automatically resets domain user' password in your domain.
    • Click Save.

What are the limitations of using Windows PowerShell to reset passwords?

  • Doesn't allow end-users to reset their forgotten passwords on their own from their Windows login screen or their mobile phones.
  • It doesn't allow admins enable self-service password reset based on OU and group memberships.
  • Creating multiple automatic password reset schedulers for different set of users is a highly laborious process. Also, there's always a possibility of admin privilege exploitation if not maintained properly.
Benefits of ADSelfService Plus
  • Improves ROI

    Enables users to perform self-service password reset and reduces IT expense.

  • Improves IT security

    Supports advanced multi-factor authentication techniques like biometrics and YubiKey to secure self-service password resets and account unlocks.

  • Universal enforcement

    Admins can enforce the self-service password reset feature for users' Active Directory and cloud account.

  • Improves user experience

    Zero wait time as it allows users to reset Azure AD passwords, from anywhere, at any time.

Empower users to unlock their Active Directory and cloud accounts.

  Get 30-day free trial.
  • Embark on your script-free AD Self-service password management with ADSelfService Plus.
  •  
  • By clicking 'Start your free trial now', you agree to processing of personal data according to the Privacy Policy.
  • Thank you for downloading!

    Your download should begin automatically in 15 seconds. If not, click here to download manually.

    Thank you for downloading!

    Your download should begin automatically in 15 seconds. If not, click here to download manually.

Related Resources

ADSelfService Plus trusted by

A single pane of glass for complete self service password management
Email Download Link