external help file | Module Name | online version | schema |
---|---|---|---|
DSInternals.PowerShell.dll-Help.xml |
DSInternals |
2.0.0 |
Sets the password for a user, computer, or service account stored in a ntds.dit file.
Set-ADDBAccountPassword -NewPassword <SecureString> -BootKey <Byte[]> [-SkipMetaUpdate] [-Force]
[-SamAccountName] <String> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Set-ADDBAccountPassword -NewPassword <SecureString> -BootKey <Byte[]> [-SkipMetaUpdate] [-Force]
-ObjectSid <SecurityIdentifier> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Set-ADDBAccountPassword -NewPassword <SecureString> -BootKey <Byte[]> [-SkipMetaUpdate] [-Force]
-DistinguishedName <String> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Set-ADDBAccountPassword -NewPassword <SecureString> -BootKey <Byte[]> [-SkipMetaUpdate] [-Force]
-ObjectGuid <Guid> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Generates new password hashes of the given password, including NT hash, WDigest hashes and Kerberos DES, AES128 and AES256 keys and encrypts them into the database using boot key.
PS C:\> $pass = Read-Host -AsSecureString -Prompt 'Provide new password for user john'
PS C:\> Set-ADDBAccountPassword -SamAccountName john `
-NewPassword $pass `
-DatabasePath '.\ADBackup\Active Directory\ntds.dit' `
-BootKey 0be7a2afe1713642182e9b96f73a75da
Performs an offline password reset for user john.
Specifies the boot key (AKA system key) that will be used to decrypt/encrypt values of secret attributes.
Type: Byte[]
Parameter Sets: (All)
Aliases: Key, SysKey, SystemKey
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.
Type: String
Parameter Sets: (All)
Aliases: Database, DBPath, DatabaseFilePath, DBFilePath
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the identifier of an account on which to perform this operation.
Type: String
Parameter Sets: ByDN
Aliases: dn
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Forces the cmdlet to perform the desired operation.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.
Type: String
Parameter Sets: (All)
Aliases: Log, TransactionLogPath
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies a new password value. This value is stored as an encrypted string.
Type: SecureString
Parameter Sets: (All)
Aliases: Password, Pwd, Pass, AccountPassword, p
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Specifies the identifier of an account on which to perform this operation.
Type: Guid
Parameter Sets: ByGuid
Aliases: Guid
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Specifies the identifier of an account on which to perform this operation.
Type: SecurityIdentifier
Parameter Sets: BySID
Aliases: Sid
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Specifies the identifier of an account on which to perform this operation.
Type: String
Parameter Sets: ByName
Aliases: Login, sam
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Indicates that the replication metadata of the affected object should not be updated.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Set-ADDBAccountPasswordHash Set-SamAccountPasswordHash Unlock-ADDBAccount Get-BootKey Get-ADDBAccount