account's password notification after it changed

Kochubei, Ivan (GDC) 1 Reputation point
2022-10-04T11:35:20.797+00:00

Hi Team,

we need to implement a new password notification mechanism for users.
In our thoughts it should work this way:

there is some mechanism which automatically changes password for user in some time period, after password is changed user must receive an email with new password.

Is there any way to do that without 3rd party software, only with built-in tools inside Windows AD environment.
We thought about gMSA account. but it doesn't fit to our requests.
Thank you.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,641 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Gary Reynolds 9,376 Reputation points
    2022-10-04T20:48:21.6+00:00

    Hi,

    I would suggest you reconsider your requirements, as send passwords over an insecure protocol is probably not a good idea.

    Maybe look at the option of sending a notification to users that the their password is about to expire and needs to be changed. Then depending on your environment implement a secure method (SSPR) that allows users to change their password, if the normal password change mechanism is not available.

    Gary.

    0 comments No comments

  2. Daisy Zhou 17,991 Reputation points Microsoft Vendor
    2022-10-06T06:38:19.417+00:00

    Hello KochubeiIvanGDC-7380,

    Thank you for posting in our Q&A forum.

    As far as I know, maybe there is no such way to automatically changes password for domain users with built-in tools inside Windows AD environment.

    For AD user password, either the AD administrator can reset the passwords for the AD users on Domain Controller (Active Directory Users and Computers tool), or the domain users can change their passwords on their domain clients manually.

    I know the local administrator password (the built-in local Administrator password or custom local administrator password) on domain client machine can be changed automatically through LAPS tool Periodically.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments