On Windows Server 2008 R2, I have a standard (non-administrator) local user (not an Active Directory account, though the server is in a domain) who has access to the server only via PowerShell Remoting. The user cannot login via RDP.
I would like this user to be able to change their password. The 'net user' command requires administrator rights, even if the user is trying to change their own password.
How can a standard user change their password from the command line?
Best Answer
Here's some PowerShell code to do what you're looking for with domain accounts:
The ASDI provider also supports the syntax
WinNT://computername/username
for theChangePassword()
method. TheADSystemInfo
object, however, won't work for machine-local accounts, so just retrofitting the code above withWinNT://...
syntax isn't workable.(Anybody want to suggest an edit w/ code to differentiate between local and domain accounts?)
On a completely different tack, the old
NetUserChangePassword
API will work with local (and domain, provided you specify the domain name in NetBIOS syntax) accounts, too:This code assumes you're changing a password on the local machine (".").