I needed to update a password for an account I was not interactively logged in as and I do not have administrative access to force change the password, but I do know the old password. There has to be a way to change the password like the ctrl+alt+del and click way! Here is what I did:
$old_cred = Get-Credential -UserName "$env:USERDOMAIN\$env:username" -Message "Enter Username and Current Password"
$newpw = Read-Host -AsSecureString -Prompt "Enter New Password"
$newpw2 = Read-Host -AsSecureString -Prompt "Re-enter New Password"
if ([System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($newpw)) -eq [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($newpw2))) {
$user_obj = [adsi]("WinNT://"+$old_cred.UserName.Replace("\","/"))
$user_obj.ChangePassword([System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($old_cred.Password)), [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($newpw)))
} else {
#Tell the user and stop
Read-Host -Prompt "Passwords did not match"
}
$old_cred = $null
$newpw = $null
$newpw2 = $null