Changing User Account Passwords

  • Article

Microsoft® Windows® 2000 Scripting Guide

Password policies configured at the domain level by using Group Policy objects (GPOs) can dictate when users must change their passwords. Concern about unauthorized access and the need to configure more secure passwords are two reasons why users might need to preempt password policies and change their passwords immediately. The ChangePassword method allows you to create a script that users can employ to change their own passwords.

Table 7.4 shows the arguments of the ChangePassword method.

Table 7.4 Arguments of the ChangePassword Method

Argument

Type

Required

Default

Description

OldPassword

string

Yes

None

Current password value

NewPassword

string

Yes

None

New password value

Scripting Steps

Listing 7.3 contains a script that changes a user account password. To carry out this task, the script performs the following steps:

  1. Bind to the user account object by using the GetObject function and the LDAP provider.

  2. Use the ChangePassword method to specify the current password and to change the password to the specified value.

    The current password is the first parameter that the ChangePassword method receives. The current password specified in the script must be the same as the password currently assigned to the user, or the script will fail.

    The second parameter represents the new password to be assigned to the user account.

Listing 7.3 Changing a User Account Password

   
1
2
3

Set objUser = GetObject _
 ("LDAP://cn=MyerKen,ou=Management,dc=NA,dc=fabrikam,dc=com")
objUser.ChangePassword "i5A2sj*!", "jl3R86df"