Resetting and enabling an AWS Managed Microsoft AD user's password

Use the following procedure to reset an AWS Managed Microsoft AD user's password to enable their account with user and group management or AWS Directory Service Data in either the AWS Management Console or AWS CLI.

Before you begin either procedure, you need to complete the following:

Creating your AWS Managed Microsoft AD.
To use user and group management or AWS Directory Service Data CLI, it must be enabled. For more information, see Enable user and group management or Directory Service Data.
You can only enable this feature from the Primary AWS Region for your directory. For more information, see Primary vs additional Regions.
You'll need the necessary IAM permissions to use AWS Directory Service Data. For more information, see AWS Directory Service API permissions: Actions, resources, and conditions reference. To get started granting permissions to your users and workloads, you can use AWS managed policies like AWSDirectoryServiceDataFullAccess or AWSDirectoryServiceDataReadOnlyAccess. For more information, see Security best practices in IAM.
Creating an AWS Managed Microsoft AD user.

AWS Management Console

You can reset an AWS Managed Microsoft AD user's password to enable their account in the AWS Management Console. You can perform this task from either the Directories screen or Directory details screen.

Directories

Open the AWS Directory Service console at https://console.aws.amazon.com/directoryservicev2/.
From the navigation pane, choose Active Directory, and then choose Directories. You're directed to the Directories screen where you can view a list of directories in your AWS Region.
Choose Actions, and then choose Reset user password and enable account.
1. Under User logon name, enter the user logon name for the user whose password you want to reset.
2. Under New password, enter the user's new password.
3. Under Confirm password, enter user's new password again.
After you confirm the user's new password, choose Reset password and enable account.

Directory details

Open the AWS Directory Service console at https://console.aws.amazon.com/directoryservicev2/.
From the navigation pane, choose Active Directory, and then choose Directories. You're directed to the Directories screen where you can view a list of directories in your AWS Region.
Choose a directory. You're directed to the Directory details screen.
Choose Users. The tab shows a list of users in your directory.
Select the user whose password you want to reset.
Choose Actions, and then choose Reset user password and enable account.
1. Under New password, enter the user's new password.
2. Under Confirm password, enter user's new password again.
After you confirm the user's new password, choose Reset password and enable account.

AWS CLI

You can reset an AWS Managed Microsoft AD use's password to enable their account with the AWS Directory Service Data CLI.

Note

The reset user's password command uses aws ds.

To reset an AWS Managed Microsoft AD user's password with the AWS CLI

To reset a user's password, open the AWS CLI, and run the following command, replacing the Directory ID, username, and password with your AWS Managed Microsoft AD Directory ID, username, and desired credentials:


aws ds reset-user-password --directory-id d-1234567890 --user-name jane.doe --new-password your-password

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Disabling a user

Creating a group