0 votes


We are a European branch of a US company, our Exchange server is in US and talks to the US DC.

This leads to the situation that when our helpdesk resets a password, in order to make the reset effective immediately for the user, they need to perform the reset for internal users on the local DC and for external users on the US DC.

Would there be any way to have the team choose the DC to perform the reset on when resetting passwords through web UI? Even better would be if it could be scripted based on OU the user resides in.


by (240 points)

1 Answer

0 votes
by (215k points)
selected by
Best answer


There is no such possibility. As a workaround, you can install an instance of Adaxes service and Web Interface in each site. In this case, the Web Interfaces will connect to the closes service, and the services will connect to the nearest available DCs, making password change effective immediately.

The Adaxes Services, in their turn, can share a common configuration. This means that you do not need to configure each service separately. A change in the configuration of one of the services will be replicated to the other ones immediately. Also, when configuration is shared, you can use one license for all the service instances that share the configuration. For information on how to share configuration between services, have a look at the following help article: http://www.adaxes.com/help/?HowDoI.Mana ... ation.html.

Finally, you can configure your DNS so that all the Web Interfaces have the same address, but users will be redirected to the necessary Web interface server depending on which site they are in.


Thanks, while that approach might work for other situations, for what I am trying to accomplish it seems a bit too convoluted.

Right now I am trying the following:

- Created a business rule that triggers after a password reset is done
- Add powershell script action that sets the password for the user on the US DC using Set-ADAccountPassword with -Server parameter pointing to the US DC

Now I am running into the issue that when I value reference the AD object the reset is done for (I tried both %username% and %sAMAccountName%) I get

The term 'Set-ADAccountPassword' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

If I specify a specific account manually instead of the value reference the command works, could you point me in direction to troubleshoot this please?



I now cannot replicate the command succeeding when specifying the account directly instead of using value reference so please disregard my comment about that.

I tried now also with the Set-AdmAccountPassword command but same result, this is the code I am using :

Set-AdmAccountPassword -Identity %sAMAccountName% -Reset -NewPassword (ConvertTo-SecureString -AsPlainText %unicodePwd% -Force) -Server ourdc.ourdomain.com


Adaxes uses PowerShell 2.0, so you need to import PowerShell modules explicitly:

Import-Module Adaxes

Set-AdmAccountPassword -Identity "%sAMAccountName%" -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "%unicodePwd%" -Force) -Server ourdc.ourdomain.com

Note, however, that such an approach can cause issues when Active Directory performs password replication. We strongly do not recommend it.


Thanks for the explanation and warning, did not consider that.

Resolved it now by adding a home page action that triggers a custom command on user object, in the custom command i use the powershell code to reset the password on the appropriate DC based on the OU the user account is located in. This works now.

Thanks for the help!

Related questions

0 votes
1 answer

We are looking to implement Self-Password reset for users through Adaxes and need the following information: Is there any additional licensing costs to use the Adaxes Self- ... the earliest version of Adaxes that the client is available? Thank you in advance.

asked Jan 7 by lgibbens (300 points)
0 votes
1 answer

Hello, Is it currently possible to modify what is sent to users initiating a password reset?

asked Aug 13, 2017 by polley (1.2k points)
0 votes
1 answer

We are looking to implement an email going to the manager of end user and end user that a password request was performed. We will use this a security measure similar to ... this to be a great stop gap measure for security. Please advise if this is possible.

asked Dec 9, 2016 by willy-wally (3.2k points)
0 votes
1 answer

We have multiple secondary domains that are being managed by Adaxes. Everything seems to be working except self service portal login. We tested with our other secondary domains and those ... other than sign failed. What else can I look at to figure this out?

asked Aug 21, 2020 by mark.it.admin (1.5k points)
0 votes
0 answers

Hi, Not worked with Adaxes before and just as I joined company we've had domain migration in place. After migration, whenever we want to access Exchange properties of a user ... works fine across domain..? Any ideas, however basic they may be?? regards Robert

asked Oct 16, 2019 by roberttryba (70 points)
2,493 questions
2,240 answers
414,931 users