This article explains how to use the Password Reset module to change the password of local Active Directory (AD) users. This tool allows authorised staff to securely update user credentials without needing direct access to Active Directory or the user’s device.
Related Packages and Compatibility:
Enterprise Cloud - Network Cloud
Windows: 10, 11
The Password Reset module allows authorised staff to reset Active Directory (AD) user passwords through the Senso platform. The module uses a device on the local network to communicate with your AD server, and requires a policy to be configured with AD credentials that have permission to change user passwords.
Creating a Policy
Step 1: Find the group you want to apply the policy to. In this example, we’ll use a ‘Password Reset’ policy group that we’ve created and filtered with selected devices. For group creation and filtering , please see here. Once you’ve located the group, click the Policies tab and select + Add Policy. This will open a new window.
Step 2: Under Policy Details, populate a name for the policy and ensure the policy is set to enabled.
Step 3: Under Policy Items, Select 'Settings' from the module type drop down and ensure "enable password reset credentials is enabled.
Populate the following :
Server IP - The local IP of your AD server
Server Username - The username of an account with permissions to reset AD passwords
Server Password - The password for the username being used
Domain - The domain , in our example telford.local
Click Confirm to save the policy. Any device with this policy applied can now act as a relay to communicate with your AD server and perform password resets.
Resetting a users password
Step 1: Locate the 'Reset Password' module and select a device with the above policy applied.
Step 2: Populate the Username field and set the users new password, once you click run feedback will be displayed advising the password has been reset successfully.
Disable User Account – This option will immediately disable the selected user’s account in Active Directory, preventing them from logging in until the account is manually re-enabled.
Force User to Change Password at Next Login – When enabled, the user will be required to set a new password the next time they sign in. This is commonly used after a password reset to ensure account security.