Change AD User Password activity
The Change AD User Password activity changes the password for an Active Directory user account.
This activity requires the user's current password to run, unlike the Reset AD User Password activity. If the new password violates any Active Directory password requirements, such as length or character combinations, the activity fails and returns the appropriate error message. This error message appears in the ECC queue and in hint text when a user points to the activity in the Workflow Editor.
Input variables
| Variable | Description |
|---|---|
| DomainController | IP address of the domain controller machine. |
| User | The sAMAccountName of the Active Directory user account. |
| New_password | The new password to assign this user. |
| Old_password | The user's current password. |
Output variables
| Variable | Description |
|---|---|
| result | One of the following outcomes:
|
| errorMessage | The executionResult.errorMessages from the Activity designer parsing sources. |
| hresult | Powershell command result. |
Conditions
| Condition | Description |
|---|---|
| Success | Password successfully reset. |
| Policy Failure | Password does not comply with the organization's Active Directory requirements. |
| Incorrect old password | Password being changed was not entered correctly. |
| Failure | An error occurred while attempting to change the password. Additional details may be available in the workflow log. |
Active Directory credentials with LDAP
If you are using an LDAP Server with MID Servers, note that Orchestration and Active Directory activities do not use the user name and password configured on LDAP Servers. You must create a Windows type orchestration credential record Windows credentials. The username and password in the credentials record is used for LDAP queries that Orchestration and workflow activities perform.