11
1
I've read about the command net user <username> <password> /domain
to "change" my domain account password. But this isn't asking for my current password, and I have the impression (although nobody warned me explicitly) that it really doesn't normally change/update my password, but instead reset it. This would mean that I lose access to all encrypted things bound to my credentials, e. g. EFS.
How can I change my password for a domain account on the command line without losing crypto access? I'm looking for a full functional equivalent of the Ctrl+Alt+Delete/Change Password GUI for automation. It should also accept the current password as command line parameter if necessary.
This is for Windows 7 and a similar-aged or more current domain controller. I have local administrator privilege but not for the domain, but I imagine that it shouldn't be necessary to change my own user password.
@Ramhound Linux works entirely differently. It has a single text file with password hashes that are only used for logins. You can use alternative login methods like SSH keys or su and still have all your data. Windows links crypto data to your credentials and this is what gets lost when you don't properly update your password, i. e. reset it. The Powershell command mentioned below also requires the old password unless the -reset switch is specified. – ygoe – 2016-09-08T08:03:42.933