Is it possible for a user that is not in the Administrators group to change his or her domain password in a coommand line, that is, without using ctrl-alt-delete?
It seems to me that this is not possible. Otherwise, I'd like to be corrected on this assumption.
Also, if my assumption is correct, I am wondering if this because it is technically not possible of because it is "by design".
In PowerShell (requires the ActiveDirectory module from RSAT):
$oldpass = Read-Host -AsSecureString "Current Password"
$newpass = Read-Host -AsSecureString "New Password"
Set-AdAccountPassword -Identity $env:USERNAME -OldPassword $oldpass -NewPassword $newpass
In PowerShell without needing the ActiveDirectory module:
$filter = "(&(sAMAccountName=$($env:USERNAME))(sAMAccountType=805306368))"
$user = ([adsisearcher]$filter).FindOne().GetDirectoryEntry()
$user.ChangePassword('old pass', 'new pass')
