I have been tasked with a project and wanted some help. Our company has remote techs that sometimes send in tickets for us to reset AD pw's during days we are not in the office which may cause a wait. I was thinking if I was to setup a script that they could LMI into one of our retail sites and simply 2x the powershell/ Batch script and reset users AD accounts that way it would alleviate a lot of headache. Right now our retail servers are running 2008R2 which only main functions SQL. There is replication to the a central server of course, which is also on the same subnet as the DC.
My question though is the server only running SSMS and some minor applications. Would it require us to install AD tools as well on top of these applications so the script I input will work?
We do not want our remote techs to use AD as they are not trained on this. The script I am writing will do the password resets they would simply just 2x click on it. Here is a script I came up with.
Set-ADAccountPassword username -Reset -NewPassword (ConvertTo-SecureString -AsPlainText “newpassword” -Force -Verbose) –PassThru
I am not even sure if this will work 100% yet so we are in the testing phase. Our DC's are running server 2012r2 I am assuming that script should work running from 2008r2.
Assistance is appreciated as always