Change user password on other domain command line

You can use the below command to reset the user password.

dsquery user -samid username | dsmod user -pwd new_password

If you logged as a domain controller, you can you the below command

net user username new_password

You can also use the below net user command from your workstation

net user username new_password /domain

Just involve WMIC in the game...

There are some prerequisites, though - WinRM should be enabled and allowed through the firewall on the remote machine and it would be best if you can use the same subnet as the DC (which I believe you have access to).

First you must authenticate against the other domain and then to run the desired command on it:

Note the single quotes, as the "-" sign is a special character in WMI!

wmic /node:'IP_address_of_any_machine_in_target_domain' /user:'the_other_domain\any_domain_admin_account' process call create "cmd /c "net user username new_password /domain""

It will ask you for the password of the domain account on the other domain, but I'm certain you will not be able to enter the new password for the user by using the asterisk, so I suggested to type it in directly in the command line.

Unfortunately, you will not receive any output regarding the password change success, so be STRONGLY advised you will ONLY receive the output of the WMI query, be it a success or a failure and you will need to check if the new credentials were set. I know it's kinda bad to enter passwords in plain text, but that's the only way I currently know of. There is a workaround with a batch file to read the passwords from a text file and then input them in the query, but it really seems pointless to me.

The line below:

wmic /node:'IP_address_of_a_machine_in_target_domain_the_user_has_access_to' /user:'the_other_domain\the_machine_the_user_has_access_to' computersystem get domain

should return you the remote machine's domain, if password change was successful.


You can do it with smbpasswd on a linux machine easily. On windows you have to install the linux subsystem and run:

smbpasswd -U <user> -r <IP address of DC>

Fix samba conf file (/etc/samba/smb.conf) if you have network errors by changing the network line as follow:  

interfaces = 127.0.0.0/8 lo eth0