Updating local machine password from domain server (Windows PowerShell)

Hello all!

Hope you are all well!

I am trying to figure out how to update a password on a local machine.

People who I am giving tech support to are changing passwords as a mandatory password change (expired, etc.), and the password is updating in the domain; however, the domain is not pushing the new credentials to the local machine in each instance. There is a workaround where I get the user to log in to IE (I know, cringe) by holding Shift, right-clicking and running as a different user, to get the domain server password to update on the local machine.

I was wondering what would be a good way to run a PowerShell command from a local machine to ask the domain I am connecting to update the password on the local machine?

Otherwise, the user continues to have to log in with an old password until they call us and want to automate the process.

Any advice?

Many thanks in advance,
UHI.

So if you have a GPO for your domain passwords setting up a PowerShell command would that not simply have Domain user accounts ignore any GPO being applied for your password policy?

Is the Policy pushed to the OU containing the workstation or is it being pushed to Domain user accounts?

Not 100% sure on this. Someone else in here more than likely knows what the fix would be.

In my experience in such an environment, Ctrl-Alt-Delete on the local machine will allow you to change your passwords across the domain. As long as there are reminders for them to do it, that is usually the best way.

Are these machines remote and mostly connecting over a VPN? If not, you have DNS issues.

Hello, I feel like it's getting pushed to the OU containing the workstation. Unfortunately, I do not have any access to the GPO, and I know that if I log in to the OU via local machine the password updates; was hoping for a nifty backend script to speed up my handling times and not confuse customers in the event of non-RDP. If there is no way to do it, I can still use the workaround. :)

Hello :)

Yeah, there is no reminder, and end-users usually call up and get confused when we are prompting them to input old passwords to get connected. It's a strange one for sure.

Yes, they do have to connect via VPN however this is post-boot and log into windows.

If you can use a pre-login VPN client, it may save you some steps.
