This desktop application was created to allow IT engineers to quickly and effectively change all their Active Directory passwords across multiple domains.
It is written completley in PowerShell but utilizing .NET Framework classes and assemblies.
- Change all your Active Directory user passwords in one place
- Multiple options for setting the passwords:
- Set one password for all your accounts (obviously less secure and might conflict with your company’s password policy)
- Set a different password for each of your accounts
- Instead of manually typing a password, choose to set one or multiple random passwords, receive it via one of the Copy to Clipboard buttons.
- User based settings are stored between sessions
- Color theme options
- Window state, position and size
- Window stay on top choice
- Searches user accounts in all configured domains based on the sAMAccountName of the user currently running the app. This means that relevant user accounts are only found in case there is a naming convention applied to the sAMAccountName across all domains. (e.g. DOMAIN1\jdoe, DOMAIN2\jdoe, DOMAIN3\jdoe,...)
- Current password and new password can be set either for all user accounts at once or individually
- Password can only be changed before expiration. If an expired user account is found it will be automatically unchecked and ignored
- The initial search is performed with the currently logged in user, only if there is a domain trust setup user accounts within other domains are found immediately. If this is not in place the search will be performed again with domain local credentials as soon as a password has been provided
- The password change will be performed with the provided credentials entered in one of the "Current Password" fields. There is no super user required for the app to work
- All credentials are held in memory as SecureString
- PowerShell 5.0 or later
- Remote Server Administration Tools installed on the machine that will run the client
- Port 9389 for Active Directory Web Services opened from the client to all domain controllers
- Make sure that all points under requirements are in place
- Clone the repository and open the config.csv file
- Remove all the example domain entries from the file
- Add the domains that should be searched for accounts
- You are done, start the app via adam.exe and begin searching for your user accounts
The domains need to be configured in the config.csv file located in the root folder of the app. This configuration will apply to all users starting the app, if each user must have a different set of domains its required to have multiple installations of this repository.
| Column | Description | Example |
|---|---|---|
| DomainDisplayName | The name that is going to be displayed | Contoso |
| DomainController | Hostname of the domain controller | contoso-dc1 |
| DomainName | The domain name, will be used in combination with the value provided in the DomainController field to construct the dc's fqdn | contoso.lan |
User based settings are stored under %appdata%\ActiveDirectoryAccountManager_cberg\userConfig.csv.
This file is generated on the first close of the application and stores choices made in the settings flyout and various fields of the application window.
| Column | Description | Default |
|---|---|---|
| Height | Window height in pixels | 600 |
| Width | Window width in pixels | 1200 |
| Top | Pixel offset from top | 0 |
| Left | Pixel offset from left | 0 |
| ThemeSkin | Selected base skin (BaseLight, BaseDark) | BaseDark |
| ThemeAccent | Accent color of the theme | Cobalt |
| WindowStayTop | If true, window will position itself on top of other windows, even if focus is lost | true |
| WindowState | Specifies whether a window is minimized, maximized, or restored. WindowState Enum | Normal |