Active Directory Password Reset

Learn more about active directory password reset.

Users sometimes forget their password or mistype it often enough to trigger an intruder lockout. When this happens, users cannot sign into systems and applications where they would otherwise use the forgotten or locked out password. This type of problem is so common that it is often the highest volume incident type in IT help desks.

Password reset software can be deployed to reduce the IT support cost associated with forgotten or locked out passwords, by moving problem resolution from an assisted-service to a self-service model and by helping users to more effectively manage their passwords. Most Password reset systems are accessed using a web browser.

Enabling users who have forgotten or locked out their Active Directory (AD) password to resolve their own problem via a self-service mechanism is more complex than supporting users who experience problems with passwords on other systems. This is because users normally type their AD to sign into their PC and so cannot (yet) launch a web browser to access the password reset URL.

Complicating matters, the Windows client operating system (i.e., Windows XP, 7 or 8) normally caches the user's AD password, so that the user will be able to authenticate to his PC even when it is disconnected from the network or in the event of a disruption to Active Directory service on the network.

Finally, and perhaps most complex, users may need to access the password reset system to resolve problems with their AD password while they are away from the corporate network -- i.e., working from home, at a coffee shop, etc. This adds technical difficulty because the password reset system is normally deployed to a private corporate network and is not accessible from the outside world, at least not without a virtual private network (VPN), which generally cannot be established until after the user has signed into his PC and established at least connectivity to the public Internet.

Hitachi ID Password Manager is a complete solution for managing passwords and other credentials, intended for users in a medium to large enterprise. It includes self service password reset features, Active Directory integration and Self-Service -- a set of capabilities that enable self-service even anywhere -- including from pre-boot, from the Windows login prompt and while away from the office.

Return to Identity Management Concepts