Do you want to know various ways to reset the password of Active Directory objects? This guide teaches you how to reset a user’s and passwords for common AD objects.
How To Reset User Password In Active Directory
Active Directory has numerous tools you can use to reset user account passwords. This section shows you how to reset user passwords with Active Directory Users and Computers.
In addition to that, there is also a subsection with steps to perform the same task with Active Directory Administrative Center and another with steps for ADSI Edit.
Finally, if you love commands, you’ll love the two subsections that show you how to reset a user Active Directory account password with Command Prompt and PowerShell.
Option 1: Reset User Password with Active Directory Users and Computers
- Open Active Directory Users and Computers (ADUC).
- When ADUC opens, search for the user you want to reset its password. To open the search field in ADUC, right-click the domain name and select Find.
- Then, right-click the user and select Reset Password.
- Finally, to reset a user’s Active Directory password with Active Directory Users and Computers, enter and re-enter the new password and click OK.
Option 2: Reset User Password with Active Directory Administrative Center
- Open Active Directory Administrative Center (ADAC). Like ADUC, if you installed RSAT for Active Directory, you can open ADAC from your Windows 10/11 PC.
- When ADAC opens, locate the user you want to reset its password and select it (left-click the user once). Then, on the right pane, click Reset password.
- Finally, on the Reset Password pop-up, enter and re-enter the new password and click OK.
Option 3: Reset User Password with ADSI Edit
- Open ADSI Edit. If it is the first time you’ve opened the tool, right-click ADSI Edit and select connect.
- Then, locate the container the user is located. In this example, the user I want to reset its password is located in an OU called Writers.
- Next, left-click the user once. Then, on the right pane, click More Actions under the user’s name and select Reset Password.
- Finally, to reset a user’s AD account password with ADSI Edit, enter and reenter the new password and click OK on the Reset Password pop-up window.
Option 4: Reset User Password with Command Prompt (Net User Command)
- Open Command Prompt as administrator. Then, enter a command like the one below and press the enter key.
Net user /domain ARaj *
- When the command prompt asks you to enter a new password, type it – the prompt will not display what you’re typing.
- After typing the password, press the enter key on your keyboard. Command Prompt will request you to re-enter the password.
- Re-enter the same password and press the enter key.
Option 5: Reset User Password with PowerShell
- Open PowerShell as administrator. Then, run the command below to save the user’s DistinguishedName in the $dn.
$dn = (Get-ADObject -Filter {Name -eq 'victor ashiedu'}).DistinguishedName
- Then, to reset a user’s AD Password with PowerShell, run the command below.
Set-ADAccountPassword -Identity $dn -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "p@ssw0rd" -Force)
Set-ADUser -Identity $dn -ChangePasswordAtLogon $true
Unlock-ADAccount -Identity $dn
How To Reset Computer Active Directory Password
In the last section, I showed you how to reset Active Directory password for a user account. You can also reset password for an AD computer object.
This section discusses two methods to reset the password of a computer account in AD.
Option 1: Reset Computer Active Directory Password With ADSI Edit
- Open ADSI Edit and locate the computer you want to reset its password.
- Then, right-clck the computer object and select Reset Password…
- Finally, on the Reset Password pop-up, enter the new password, then, re-enter then same password and click OK.
Option 2: Reset Computer Active Directory Password with PowerShell
- Open PowerShell as administrator.
- Then, on the PowerShell prompt, to reset the password for the local computer, run the command below.
Reset-ComputerMachinePassword
Alternatively, to reset the account of a remote computer, run these commands instead.
$cred = Get-Credential Invoke-Command -ComputerName "Server01" -ScriptBlock {Reset-ComputerMachinePassword -Credential $using:cred}
How To Reset Group Managed Service Account Password
You can also use ADSI Edit and PowerShell to reset the password of a group Managed Service Account.
Option 1: Reset Group Managed Service Account (gMSA) Password with ADSI Edit
- Open ADSI Edit and locate the Managed Service Account you want to reset its password. Then, locate the MSA, right-click it and select Reset Password.
- Finally, on the Reset Password pop-up, enter the new password for the Managed Service Account. Then, re-enter the same password and click OK.
Option 2: Reset Group Single Managed Service Account (sMSA) Password with PowerShell
- Open PowerShell as administrator.
- Then, run the Reset-ADServiceAccountPassword command to reset the password of the Single Managed Service Account (sMSA).
Install-ADServiceAccount -Identity SinglMSA01 Reset-ADServiceAccountPassword -Identity SinglMSA01
Frequently Asked Questions
The easiest way to reset a user’s password in Active Directory is from Active Directory Users and Computers (ADUC). To do this open ADUC and locate the user.
You can search for a user by right-clicking the domain name in ADUC and selecting Find.
Once you find the user, to reset its password, right-click the user and select Reset Password.
Note that you can also reset a user’s AD password from Active Directory Administrative Center, ADSI Edit, Command Prompt (Net User Command), and PowerShell
Active Directory does not have a tool to revert a password to a previous password. If you want to reverse a password to the last password, you may have to perform an automartive AD restore.
You can use a PowerShell script to reset password for multiple users in Active Directory. Follow the steps below to accomplish this task:
i) Create a CSV file with the login names (samAccountName) of the users. If you want to use a different password for each user, specify the passwords in a different column of the CSV file.
For this example, I will assume that the login names (samAccountName) of the users is in the samAccountName column of the CSV. Aditionall, I will assume that the password for each user is in the password column.
ii) Then, use the PowerShell script below to reset password for all the users in the CSV file.
| import-CSV | ForEach-Object {
$dn = (Get-ADObject -Filter {samAccountName -eq $_.samAccountName}).DistinguishedName
Set-ADAccountPassword -Identity $dn -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $_.password -Force)
}
To change user Active Directory password un PowerShell, follow the steps below:
i) Get the DistinguishedName of the user with the command below (change ‘victor ashiedu’ to the name of your user)
$dn = (Get-ADObject -Filter {Name -eq ‘victor ashiedu’}).DistinguishedName
ii) Then, run the command below to reset the password to p@ssw0rd.
Set-ADAccountPassword -Identity $dn -Reset -NewPassword (ConvertTo-SecureString -AsPlainText “p@ssw0rd” -Force)
To change your local password in PowerShell, follow the steps below:
i) Run the Get-LocalUser to return all the user accounts on the local computer. Then, note the name of the account in the Name column.
ii) Next, run the command below to save the new password in the $Password variable.
$Password = Read-Host “Enter the new password” -AsSecureString
When you press enter, PowerShell will prompt you to enter the password.
iii) Finally, run the command below to change your local password in PowerShell – change to the name of the account you noted in step i) above.
Set-LocalUser -Name -Password $Password
Conclusion
If you’re an Adctive Directory SysAdmin resetting password for AD objects is one of your routine pasts. Furtermore, AD has different objects that you may need to reset passwords.
So, this guide discussed steps to reset password for a user account. In addition to that, I also covered steps to reset password for an AD computer account.
That is not all, but I also included steps to reset password for a Single Managed Servervice Account (sMSA) and a Group Managed Servervice Account (gMSA).
I hope you found this guide helpful and you were able to use the steps to reset the password for an AD object. If you found the guide helpful, click on “Yes” beside the “Was this page helpful” question below.
You may also express your thoughts and opinions by using the “Leave a Comment” form at the bottom of this page.
Finally, you can improve your Active Directory knowledge further with other articles in our Active Directory Guides page.