Reset a user password
Users must adhere to password policies as defined in the Active Directory. Sometimes this can get the best of users, including the Active Directory administrator, and they forget their password. When this happens, you can quickly reset the user's password using Amazon Directory Service if the user resides Amazon Managed Microsoft AD.
You must be signed in as a user with the necessary permissions to reset passwords. For more information about permissions, see Overview of managing access permissions to your Amazon Directory Service resources.
You can reset the password for any user in your Active Directory with the following exceptions:
-
You can reset the password for any user within the Organizational Unit (OU) that is based off of the NetBIOS name you used when you created your Active Directory. For example, if you followed the procedure in Create your Amazon Managed Microsoft AD your NetBIOS name would be CORP and the users passwords you could reset would be members of Corp/Users OU.
-
You cannot reset the password of any user outside of the OU that is based off the NetBIOS name you used when you created your Active Directory. For example, you cannot reset the password for a user in Amazon Reserved OU. For more information about the OU structure for Amazon Managed Microsoft AD, see What gets created with your Amazon Managed Microsoft AD Active Directory.
For more information on how the password policies are applied when a password is reset in Amazon Managed Microsoft AD, see How password policies are applied.
You can use any of the following methods to reset a user password:
-
Amazon Web Services Management Console
-
Amazon CLI
-
Windows PowerShell
Reset a user password in the Amazon Web Services Management Console
-
In the Amazon Directory Service console
navigation pane, under Active Directory, choose Directories, and then select the Active Directory in the list where you want to reset a user password. -
On the Directory details page, choose Actions, and then choose Reset user password.
-
In the Reset user password dialog, in Username type the username of the user whose password needs to change.
-
Type a password in New password and Confirm password, and then choose Reset password.
Reset a user password in Amazon CLI
-
To install the Amazon CLI, see Install or update the latest version of the Amazon CLI.
-
Open the Amazon CLI.
-
Type the following command and replace the Directory ID, username
jane.doe
, and passwordP@ssw0rd
with your Active Directory Directory ID and desired credentials. See reset-user-password in the Amazon CLI Command Reference for more information.
aws ds reset-user-password --directory-id
d-1234567890
--user-name "jane.doe
" --new-password "P@ssw0rd
"
Reset a user password in Windows PowerShell
Connect to the instance joined to your Active Directory domain as the Active Directory administrator.
-
Open Windows PowerShell.
-
Type the following command replacing the username
jane.doe
, the Directory ID, and passwordP@ssw0rd
with your Active Directory Directory ID and desired credentials. See Reset-DSUserPassword Cmdlet for more information.
Reset-DSUserPassword -UserName "
jane.doe
" -DirectoryIdd-1234567890
-NewPassword "P@ssw0rd
"