Change user password on other domain command line
You can use the below command to reset the user password.
dsquery user -samid username | dsmod user -pwd new_password
If you logged as a domain controller, you can you the below command
net user username new_password
You can also use the below net user command from your workstation
net user username new_password /domain
Just involve WMIC in the game...
There are some prerequisites, though - WinRM should be enabled and allowed through the firewall on the remote machine and it would be best if you can use the same subnet as the DC (which I believe you have access to).
First you must authenticate against the other domain and then to run the desired command on it:
Note the single quotes, as the "-" sign is a special character in WMI!
wmic /node:'IP_address_of_any_machine_in_target_domain' /user:'the_other_domain\any_domain_admin_account' process call create "cmd /c "net user username new_password /domain""
It will ask you for the password of the domain account on the other domain, but I'm certain you will not be able to enter the new password for the user by using the asterisk, so I suggested to type it in directly in the command line.
Unfortunately, you will not receive any output regarding the password change success, so be STRONGLY advised you will ONLY receive the output of the WMI query, be it a success or a failure and you will need to check if the new credentials were set. I know it's kinda bad to enter passwords in plain text, but that's the only way I currently know of. There is a workaround with a batch file to read the passwords from a text file and then input them in the query, but it really seems pointless to me.
The line below:
wmic /node:'IP_address_of_a_machine_in_target_domain_the_user_has_access_to' /user:'the_other_domain\the_machine_the_user_has_access_to' computersystem get domain
should return you the remote machine's domain, if password change was successful.
You can do it with smbpasswd on a linux machine easily. On windows you have to install the linux subsystem and run:
smbpasswd -U <user> -r <IP address of DC>
Fix samba conf file (/etc/samba/smb.conf
) if you have network errors by changing the network line as follow:
interfaces = 127.0.0.0/8 lo eth0