Reset a user password

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To reset a user password

  • Using the Windows interface

  • Using a command line

Using the Windows interface

  1. Open Active Directory Users and Computers.

  2. In the console tree, click Users.

    Where?

    • Active Directory Users and Computers/domain node/Users

    Or, click the folder that contains the user account.

  3. In the details pane, right-click the user whose password you want to reset, and then click Reset Password.

  4. Type and confirm the password.

  5. If you want to require the user to change this password at the next logon process, select the User must change password at next logon check box.

Notes

  • To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • To open Active Directory Users and Computers, click Start, click Control Panel, double-click Administrative Tools, and then double-click Active Directory Users and Computers.

  • Services that are authenticated with a user account must be reset if the password for the service's user account is changed.

Using a command line

  1. Open Command Prompt.

  2. Type:

    dsmod userUserDN-pwdNewPassword

  3. If you want to require the user to change this password at the next logon process, Type:

    dsmod userUserDN-mustchpwd {yes|no}

Value Description

UserDN

Specifies the distinguished name of the user for which the password will be reset.

NewPassword

Specifies the password that will replace the current user password.

Notes

  • To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.

  • If a password is not assigned, then the first time the user tries to log on (using a blank password), a logon message will appear that says "You are required to change your password at first logon" and after user has changed the password, the logon process continues.

  • Services that are authenticated with a user account must be reset if the password for the service's user account is changed.

  • To view the complete syntax for this command, at a command prompt, type:

    dsmod user /?

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Working with MMC console files
Find a user account
Command-line reference A-Z
Directory service command-line tools