Resets the password and unlocks the user account specified by the Identifier parameter.
Reset-DRAUserPassword -Domain <String> [-UserMustChangePasswordAtNextLogin <SwitchParameter>] [-PasswordNeverExpires <SwitchParameter>] [-Password <String>] [-DomainController <String>] -Identifier <String> [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]
The Reset-DRAUserPassword cmdlet resets the password on a user account and unlocks it, if needed. The password can be supplied as a parameter or it can be generated by the server. If it is generated by the server, the generated password is returned to the client and the user will be required to change their password the next time they logon.
Attribute / Description |
Parameters / Values |
||||
---|---|---|---|---|---|
Required |
Position |
Default Value |
Accept Pipeline input? |
Accept wildcard characters? |
|
UserMustChangePasswordAtNextLogin [<SwitchParameter>] Sets the user account to require that the user change their password at the next logon. |
false |
named |
true if the DRA Server generates the password, Else false |
true (ByPropertyName) |
false |
PasswordNeverExpires [<SwitchParameter>] Sets the user account password to never expire. |
false |
named |
false |
true (ByPropertyName) |
false |
Password [<String>] The value of the new password that should be set on the user account. The password must meet the password policies set for the domain. |
false |
named |
|
true (ByPropertyName) |
false |
DomainController [<String>] The computer name of a specific domain controller to use for the request. |
false |
named |
|
true (ByPropertyName) |
false |
Identifier <String> The name or distinguished name of an existing Active Directory object. When the name is specified, an additional call to the DRA Server is needed to obtain the distinguished name for the object. |
true |
named |
|
true (ByPropertyName) |
false |
Domain <String> The domain of the object in FQDN format. For example: mydomain.corp |
true |
named |
|
true (ByPropertyName) |
false |
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'. |
false |
named |
|
true (ByPropertyName) |
false |
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755. |
false |
named |
8755 |
true (ByPropertyName) |
false |
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate. |
false |
named |
|
false |
false |
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user. |
false |
named |
|
false |
false |
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1. |
false |
named |
100 seconds |
true (ByPropertyName) |
false |
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters. |
|
|
|
|
|
NOTE:For more information, type "Get-Help Reset-DRAUserPassword -detailed". For technical information, type "Get-Help Reset-DRAUserPassword -full".
Example 31-43 1
PS C:\>Reset-DRAUserPassword -Domain "MyDomain.corp" -Identifier "USER123" -DomainControler "MyDC"
This example resets the password and unlocks the user account USER123. The request will be sent to the domain controller called MyDC. The DRA Server will generate a password for the user and return it in the response object. The user account will be flagged to require a password change at the next login.
Example 31-44 2
PS C:\>Reset-DRAUserPassword -Domain "MyDomain.corp" -Identifier "USER123"
This example resets the password and unlocks the user account USER123. The identifier is the name. The DRA Server will generate a password for the user and returns it in the response object. The script will first call the DRA Server to resolve the name to the distinguished name, and then reset the password. The user account will be flagged to require a password change at the next login.
Example 31-45 3
PS C:\>Reset-DRAUserPassword -Domain "MyDomain.corp" -Identifier "CN=USER123,DC=MyDomain,DC=corp" -Password "MyNewPassword!"
This example resets the password and unlocks the user account USER123. The password will be set to 'MyNewPassword!'. The user is identified using the distinguished name. The user will not be required to change their password at the next login.