Password Change for AD and LDAP Users

You can use PrivX to change AD/LDAP-user passwords. PrivX is also able to detect if an AD/LDAP user's password needs to be changed, and prompt for password change upon their next PrivX login.

This feature works currently only with user directories of type Active Directory and LDAP(OpenLDAP).

To allow password change via PrivX, enable Allow user password change in the user-directory settings.

Also ensure that the AD/LDAP Bind DN has write permissions, which are required for successful password change.


AD/LDAP users can now go to their account page and click Change Password to change their password.

AD/LDAP admins may force a user to change their password upon the next login.

Forcing a password change for AD/LDAP users cannot be done from PrivX. This must be configured within the AD/LDAP Server instead.

Was this page helpful?