Reset Passwords of Users from Multiple Domains using PowerShell Script

If you have ever worked as a Windows Administrator in a multi-domain environment, you would know the pain of switching to different domain controllers for resetting users’ passwords. Normally, IT admins take the RDP of the respective domain controllers to reset the passwords of users in that domain. However, this process takes time and becomes hectic if you have to reset the passwords of multiple users from multiple domains.

However, you can manage multiple domains in the Active Directory Administrative Center. But that requires you to set up trusts between domains. This problem can be solved by using the PowerShell script. In this tutorial, we are going to share with you a PowerShell script that allows you to reset or change the passwords of users from multiple domains in a single place.

SEE ALSO: How to Get Local User Accounts from Domain Computers using PowerShell Script?

Features & Requirements of Script

The best part of this script is that your system doesn’t need to be joined into any of the domains. But all required domains must be reachable from your computer. This script has some features as well as some limitations. Here is a brief overview:

Features:

  • Reset passwords of users in multiple domains.
  • Switch between domains from the same console.
  • Admin credentials validation check.
  • User Account validation check.
  • Doesn’t require to be run on Domain controllers.
  • User machines need not be joined to any domain.

Requirements:

  • If you are running this script on your client system, RSAT tools need to be installed.
  • The target domain must be reachable from your system. So, you should open the required ports at the Firewall end first.
  • Create manual DNS entries for each domain in the hosts file to resolve the target domain without problems.
  • You must have Admin Credentials for all the domains for which you want to reset passwords.
  • This script doesn’t have a password complexity check for new passwords. Make sure you enter a valid password.

SEE ALSO: How to Fix Windows Update Issues using PowerShell Script?

Reset Passwords of Users from Different Domains using PowerShell Script

Let’s discuss the functioning of the script in some detail. This script, first asks the user to enter the domain name which contains the target user account. Then, the script asks for Admin credentials which are used for resetting the user’s password in that domain. After that script prompts for user details whose password needs to be reset.

Here are detailed steps explaining the functioning of the script. The script download link is available at the end of the post.

Step 1: Create a Shortcut to Launch the Script

You can run the script in PowerShell as well but for the sake of simplicity and ease of access, we are going to create a shortcut to launch the script.

So, first of all, copy the script to a folder on your computer, then right-click in the blank space and select New > Shortcut.

Right-click and select New > Shortcut
Right-click and select New > Shortcut

Step 2: Set Shortcut Parameters

A new shortcut window will open. Copy the following code into the location bar and click Next:

powershell.exe -File "PathToScript\ScriptName.ps1" -ExecutionPolicy Bypass

Replace PathToScript\ScriptName.ps1 with the actual path of the script as shown below.

Set shortcut parameters for the script
Set shortcut parameters for the script

In the next window, provide a name for the shortcut and click Finish.

Provide the name for shortcut
Provide the name for the shortcut

Step 3: Clear the ‘Start in’ Parameter of the Shortcut

The shortcut for running the script is ready but we still need to make some changes to it. Otherwise, the script will fail to run because, by default, PowerShell will run the script in the C:\Windows\System32 directory which requires Admin privileges. So, to fix this, right-click the shortcut and select Properties.

Open Shortcut's Properties
Open Shortcut’s Properties

In the Properties window, clear the path provided in the “Start in:” field and click OK.

Clear "Start in:" Field to reset password of multiple users from multiple domains
Clear the “Start in:” Field and click OK

SEE ALSO: How to Create Bulk Users in AD using PowerShell Script?


Step 4: Run the PowerShell Script to Reset the User Password

The script is ready to rock! Simply, double-click the shortcut we just created. The script will open in the CMD window. You don’t need to run the script with admin privileges, it works fine with standard user rights.

The script will ask you to enter the domain name first. So, enter the domain name to reset the passwords of users from that domain.

Run PowerShell script to Reset Passwords of users from Multiple domains
Run PowerShell script to Reset Passwords of users from multiple domains

Step 5: Provide the Domain Name and Admin Credentials

It’s time to enter the domain name where the target user (whose password you wish to reset) exists. Remember, you will require Admin credentials for that domain.

Enter the domain name and press Enter (you can use a full domain name or NetBIOS name, both work fine). A prompt will show up asking for Admin credentials. Provide correct Admin credentials to continue. If you fail to provide the correct credentials three times, the script will exit.

Provide Domain Name and Admin credentials
Provide Domain Name and Admin credentials

Step 6: Reset User Password from Multiple Domains

After successfully validating Admin credentials, the script will continue. Next, the script will ask you for the username (samAccountName) of the user whose password you want to reset.

After you provide the username, the script will check the username in the target domain. If the script finds the username successfully, it will prompt for the new password for the selected user. Otherwise, the script will prompt 3 times for a valid username, failing which it will exit with a warning message.

Enter the username of the user to Reset the password
Enter the username of the user to reset the password

Now provide a new password for the selected user. You will need to enter the password twice. If passwords don’t match, the script will ask you 3 times before displaying exit choices.

After you provide a valid password, the script will reset the password of the selected user and provide options for proceeding further.

User Password Reset Successfully
User Password Reset Successfully

SEE ALSO: A to Z list of Windows CMD Commands.

Step 7: Select Options to Proceed Further

After successfully resetting the user’s password, you will see 3 options. You can choose any of them depending on your requirements. So, if you want to reset the password of another user in the same domain, press ‘1‘. The script will show you a prompt for providing a username.

Enter 1 to Reset user Password in same Domain
Enter 1 to Reset the user Password in the same Domain

The second option is to press ‘2‘ to select the new domain. You will be prompted to enter the domain name.

Press 2 to Change the Domain
Press 2 to Change the Domain

The third option is ‘press any other key‘ to exit the script. If you press anything except ‘1‘ or ‘2‘, the script will exit with a message.

Press any key except 1 & 2 to exit the script
Press any key except 1 & 2 to exit the script

Download the PowerShell Script

Click the following link to download the script.


SEE ALSO: How to View the Saved WiFi Passwords in Windows 10 and 11?

Use PowerShell Script to Reset Passwords in Multiple Domains

The above tutorial explained the functioning of the PowerShell script to reset users’ passwords in multiple domains without logging into each domain’s AD servers. We hope this script will make the lives of Windows Administrators easier. You may also check if the AD Administrative Center is useful for you or not.

If you find this script useful, make sure to share this article with your friends. Also if you have any queries or suggestions, feel free to share in the comments below. You can download the script from the link provided below.

Editorial Staff

Hi there, we are the editorial staff at WINDOSPC (former HELLPC). We are a team of funny and technical people. Feel free to get in touch with us via Contact-Us page.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.