Reset a user password - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Reset a user password

Users must adhere to password policies as defined in the directory. Sometimes this can get the best of users, including the directory admin, and they forget their password. When this happens, you can quickly reset the user's password using Amazon Directory Service if the user resides in either a Simple AD or Amazon Managed Microsoft AD directory.

You must be signed in as a user with the necessary permissions to reset passwords. For more information about permissions, see Overview of managing access permissions to your Amazon Directory Service resources.

You can reset the password for any user in your directory with the following exceptions:

  • For Simple AD, you cannot reset the password for any user that is a member of either the Domain Admins or Enterprise Admins group except for the Administrator user.

  • For Amazon Managed Microsoft AD, you cannot reset the password for any user that is in an OU other than the OU that is based off of the NetBIOS name you typed when you created your directory. For example, you cannot reset the password for a user in the Amazon Reserved OU. For more information about the OU structure for an Amazon Managed Microsoft AD directory, see What gets created.

You can use any of the following methods to reset a user's password.

Method 1: To reset a user password (Amazon Web Services Management Console)

  1. In the Amazon Directory Service console navigation pane, under Active Directory, choose Directories, and then select the directory in the list where you want to reset a user's password.

  2. On the Directory details page, choose Actions, and then choose Reset user password.

  3. In the Reset user password dialog, in Username type the user name of the user whose password needs to change.

  4. Type a password in New password and Confirm password, and then choose Reset password.

Method 2: To reset a user password (Windows PowerShell)

  1. Open Windows PowerShell.

  2. Type the following command and replace the user name "jane_doe", the Directory ID, and password "P@ssw0rd" with your AD Directory ID and desired credentials. See Reset-DSUserPassword Cmdlet for more information.

Reset-DSUserPassword -UserName jane_doe -DirectoryId d-1234567890 -NewPassword P@ssw0rd
Method 3: To reset a user password (Amazon CLI)

  1. To install the Amazon CLI, see Install or update the latest version of the Amazon CLI.

  2. Open the Amazon CLI.

  3. Type the following command and replace the Directory ID, user name "jane_doe", and password "P@ssw0rd" with your AD Directory ID and desired credentials. See reset-user-password in the Amazon CLI Command Reference for more information.

aws ds reset-user-password --directory-id d-1234567890 --user-name jane_doe
        --new-password P@ssw0rd