• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 68
  • Last Modified:

Allowing users to reset other peoples password w/o logging into ADUC

I gave several department supervisors the ability to reset their departments password by using Delegated Permissions.  Is there a tool they can use on their desktop to reset the passwords without having to RDP into the AD server?

Server 2012
0
Larry Kiterling
Asked:
Larry Kiterling
  • 2
1 Solution
 
Jeff DunnCommented:
The best solution for this is from ManageEngine. Called ADManager plus it will do so much more than the delegation and compliance will be happy because you will be removing the ability to have the delegates go into AD directly. You could also allow the end users to self service with another product of theirs called AD Self service plus.
0
 
footechCommented:
If RSAT Tools are installed on their workstations they can use ADUC on their machine without having to RDP to another machine.

You could also write a PowerShell script to reset the password.  It's easier if they have the RSAT tools installed locally because then they have immediate access to the AD cmdlets.
Import-Module ActiveDirectory
$uname = Read-Host "Enter username"
Set-ADAccountPassword -Identity $uname -NewPassword (Read-Host -AsSecureString "New Password") -Reset

Open in new window


If RSAT tools are installed locally, you can use the techniques shown in this link to get access to the AD cmdlets through another machine.
https://blogs.technet.microsoft.com/ashleymcglone/2013/06/27/how-to-use-the-2012-active-directory-powershell-cmdlets-from-windows-7/
0
 
Ajit SinghCommented:
You can use PowerShell for this: http://deployhappiness.com/reset-user-passwords-with-ad-self-service-portal/
Users can use text messages to reset their password. Their phone is linked to their account which provides an extra layer of security.

Another option, you can use third party applications, like:

Lepide Active Directory Self Service

Quest Password Manager

Hope this helps!
0
 
footechCommented:
If RSAT tools are installed locally...
BTW, that should read, "If RSAT tools aren't installed locally..."
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now