Users unable to change password via system pref's 10.4.10

I am running 1 OD Master and 3 OD Replica's, all servers running 10.4.10, clients running 10.2.8, 10.39 and 10.4.10. All network users can log in with no problems at all, however if a user needs to change their password in System Preferences in 10.4.10, they are unable to do so. The old password field keeps saying "incorrect password" though the password is indeed correct. I have no problems changing any users password on the 10.2.8 and 10.3.9 machines using System Preferences. Any ideas??

I'm working through a problem right now where my users were having problems changing their passwords. I'm using network user accounts. I had a password policy configured on the server where users were allowed to change their passwords, and the password had to be changed every 90 days.
Well, the time came when it was time to change the passwords and users were prompted to do so and did. However, afterwards they started receiving Kerberos password prompts, and it wouldn't take their new password. Restarting didn't help either. If I reset the password on the server, the user could login and things would be fine until they tried to change the password in Sys Prefs : Accounts and the problem would repeat itself.
So far, the solution seems to be disabling the password policies in the Open Directory service in Server Admin. I'm going back on-site tomorrow to see what I can find out. You might want to give that a shot.

Similar Messages

  • Active Directory users unable to change passwords

    I have about 10 Macs running 10.4.11 that are bound to Active Directory (Windows 2000 Server).
    Users see the warning that their password is about to expire. However, for users who have a local account on the machine, when they attempt to change their password via System Prefs, only the local password is changed - the Active Directory password remains unchanged.
    For users who do not have a local account on the machine, this error occurs:
    "You cannot change your password to the password you entered. Your system administrator may not allow you to change your password or there was some other problem with your password."
    We have the following password requirements in place via Group Policy: complexity, length, min age (2 days), max age (90 days), history (last 4 remembered).
    Has anyone else encountered this?
    Thanks.

    Sign me up as well. I dont remember this being an issue before 10.5.5. I notice that it makes directory services crash and makes a crash report. I'll paste below.
    Note: the time appears to be synced properly with the domain controller-BUT i can an error in the console saying:
    com.apple.service_helper[6492]: launchctl: Error unloading: org.ntp.ntpd
    com.apple.launchd[1] (org.ntp.ntpd): Unknown key: SHAuthorizationRight
    I am able to communicate with time server via ntpq -inp
    Directory Service Crash Report:
    Process: DirectoryService [34]
    Path: /usr/sbin/DirectoryService
    Identifier: DirectoryService
    Version: ??? (???)
    Code Type: X86 (Native)
    Parent Process: launchd [1]
    Date/Time: 2008-12-05 16:38:09.091 -0800
    OS Version: Mac OS X 10.5.5 (9F33)
    Report Version: 6
    Exception Type: EXCBADACCESS (SIGSEGV)
    Exception Codes: KERNINVALIDADDRESS at 0x00000000c018096b
    Crashed Thread: 2
    Thread 0:
    0 libSystem.B.dylib 0x94a734a6 machmsgtrap + 10
    1 libSystem.B.dylib 0x94a7ac9c mach_msg + 72
    2 com.apple.CoreFoundation 0x948ef0ce CFRunLoopRunSpecific + 1790
    3 com.apple.CoreFoundation 0x948efd54 CFRunLoopRun + 84
    4 DirectoryService 0x000173ff main + 2767
    5 DirectoryService 0x00016912 start + 54
    Thread 1:
    0 libSystem.B.dylib 0x94a734a6 machmsgtrap + 10
    1 libSystem.B.dylib 0x94a7ac9c mach_msg + 72
    2 com.apple.CoreFoundation 0x948ef0ce CFRunLoopRunSpecific + 1790
    3 com.apple.CoreFoundation 0x948efd54 CFRunLoopRun + 84
    4 DirectoryService 0x000235bc CPluginRunLoopThread::ThreadMain() + 222
    5 ...ectoryServiceCore.Framework 0x00167f83 DSCThread::Run() + 39
    6 ...ectoryServiceCore.Framework 0x0016818e DSLThread::_RunWrapper(void*) + 84
    7 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    8 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 2 Crashed:
    0 libobjc.A.dylib 0x94de1688 objc_msgSend + 24
    1 ...oryService.Active Directory 0x00305eaf -[ADSPluginNode changePassword:recordName:oldPassword:newPassword:] + 767
    2 ...oryService.Active Directory 0x003415ee BaseDirectoryPlugin::DoSimplePasswordChange(sBDPINodeContext*, __CFString const*, tDataBuffer*) + 682
    3 ...oryService.Active Directory 0x00340b76 BaseDirectoryPlugin::DoAuthentication(sDoDirNodeAuth*, char const*, CDSAuthParams&) + 718
    4 ...oryService.Active Directory 0x00346aca BaseDirectoryPlugin::ProcessRequest(void*) + 1376
    5 ...oryService.Active Directory 0x0030ebae ADSPlugin::ProcessRequest(void*) + 66
    6 ...oryService.Active Directory 0x0033fc5c _ProcessRequest(void*, void*) + 92
    7 DirectoryService 0x00002d8d CRequestHandler::HandlePluginCall(sComData**) + 775
    8 DirectoryService 0x00003b48 CRequestHandler::HandleRequest(sComData**) + 82
    9 DirectoryService 0x0002ec71 dsmigdo_apicall + 543
    10 DirectoryService 0x00060df4 Xapicall + 407
    11 DirectoryService 0x00060aa0 DirectoryServiceMIG_server + 109
    12 DirectoryService 0x00026d08 dsmigdemux_notify(mach_msg_headert*, machmsg_headert*) + 86
    13 libSystem.B.dylib 0x94ae8ed3 machmsgserver + 343
    14 DirectoryService 0x000237f5 CMigHandlerThread::ThreadMain() + 303
    15 ...ectoryServiceCore.Framework 0x00167f83 DSCThread::Run() + 39
    16 ...ectoryServiceCore.Framework 0x0016818e DSLThread::_RunWrapper(void*) + 84
    17 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    18 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 3:
    0 libSystem.B.dylib 0x94a7a68e _semwaitsignal + 10
    1 libSystem.B.dylib 0x94acb8e0 pthreadcondtimedwait$UNIX2003 + 72
    2 ...ectoryServiceCore.Framework 0x00168409 DSEventSemaphore::WaitForEvent(long) + 191
    3 DirectoryService 0x00043200 CSearchPlugin::CheckNodes(tDirPatternMatch, int*, DSEventSemaphore*) + 1120
    4 DirectoryService 0x000432f9 CSearchPluginHandlerThread::ThreadMain() + 101
    5 ...ectoryServiceCore.Framework 0x00167f83 DSCThread::Run() + 39
    6 ...ectoryServiceCore.Framework 0x0016818e DSLThread::_RunWrapper(void*) + 84
    7 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    8 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 4:
    0 libSystem.B.dylib 0x94a7a68e _semwaitsignal + 10
    1 libSystem.B.dylib 0x94acb8e0 pthreadcondtimedwait$UNIX2003 + 72
    2 ...ectoryServiceCore.Framework 0x00168409 DSEventSemaphore::WaitForEvent(long) + 191
    3 DirectoryService 0x00043200 CSearchPlugin::CheckNodes(tDirPatternMatch, int*, DSEventSemaphore*) + 1120
    4 DirectoryService 0x000432f9 CSearchPluginHandlerThread::ThreadMain() + 101
    5 ...ectoryServiceCore.Framework 0x00167f83 DSCThread::Run() + 39
    6 ...ectoryServiceCore.Framework 0x0016818e DSLThread::_RunWrapper(void*) + 84
    7 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    8 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 5:
    0 libSystem.B.dylib 0x94aa3f66 kevent + 10
    1 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    2 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 6:
    0 libSystem.B.dylib 0x94ac35e2 select$DARWIN_EXTSN + 10
    1 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    2 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 7:
    0 libSystem.B.dylib 0x94ab61d5 syscall + 5
    1 ...ectoryServiceCore.Framework 0x00167f83 DSCThread::Run() + 39
    2 ...ectoryServiceCore.Framework 0x0016818e DSLThread::_RunWrapper(void*) + 84
    3 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    4 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 8:
    0 libSystem.B.dylib 0x94a734a6 machmsgtrap + 10
    1 libSystem.B.dylib 0x94a7ac9c mach_msg + 72
    2 libSystem.B.dylib 0x94ad0dc1 machmsg_serveronce + 318
    3 DirectoryService 0x00023768 CMigHandlerThread::ThreadMain() + 162
    4 ...ectoryServiceCore.Framework 0x00167f83 DSCThread::Run() + 39
    5 ...ectoryServiceCore.Framework 0x0016818e DSLThread::_RunWrapper(void*) + 84
    6 libSystem.B.dylib 0x94aa46f5 pthreadstart + 321
    7 libSystem.B.dylib 0x94aa45b2 thread_start + 34
    Thread 2 crashed with X86 Thread State (32-bit):
    eax: 0x0028c030 ebx: 0x94fa606b ecx: 0x94e7d334 edx: 0xc018094b
    edi: 0x00000001 esi: 0x00600fe0 ebp: 0xb01027e8 esp: 0xb0102678
    ss: 0x0000001f efl: 0x00010206 eip: 0x94de1688 cs: 0x00000017
    ds: 0x0000001f es: 0x0000001f fs: 0x0000001f gs: 0x00000037
    cr2: 0xc018096b
    Binary Images:
    0x1000 - 0x10ffff +DirectoryService ??? (???) <4c56e8e1e57b70096f86b84a52d49c0a> /usr/sbin/DirectoryService
    0x160000 - 0x16eff3 com.apple.DirectoryServiceCore.Framework 3.5.5 (3.5.5) <29a684df6d0a0fafe87aeabaa5ca72c9> /System/Library/PrivateFrameworks/DirectoryServiceCore.framework/Versions/A/Dir ectoryServiceCore
    0x19b000 - 0x19dffc apop.so ??? (???) <af168e2e8b86c66628d8b1d44b646cb7> /usr/lib/sasl2/apop.so
    0x1a1000 - 0x1a9fff digestmd5WebDAV.so ??? (???) <192fc897aeea8b4c8fe66dcef8137a95> /usr/lib/sasl2/digestmd5WebDAV.so
    0x1ca000 - 0x1ccfff libanonymous.2.so ??? (???) <161902c9ed78dce78b61125c7c155f0f> /usr/lib/sasl2/libanonymous.2.so
    0x1e3000 - 0x1e5ffc libcrammd5.2.so ??? (???) <c917c89eefddcfcacf48c939c3af12aa> /usr/lib/sasl2/libcrammd5.2.so
    0x1e9000 - 0x1f2ffb libdigestmd5.2.so ??? (???) <c8595204acd0e7cb362b33d008693019> /usr/lib/sasl2/libdigestmd5.2.so
    0x1f6000 - 0x1fafff libgssapiv2.2.so ??? (???) <a47ee23249e7c36aee418a6e7fd3a502> /usr/lib/sasl2/libgssapiv2.2.so
    0x300000 - 0x358ffc com.apple.DirectoryService.Active Directory 1.6.3 (1.6.3) <aeaf0f5bed2b48a776a4567154f3fa66> /System/Library/Frameworks/DirectoryService.framework/Resources/Plugins/Active Directory.dsplug/Contents/MacOS/Active Directory
    0x377000 - 0x38ffe2 dhx.so ??? (???) <8144ab11b8201f120dc87f3ec57d0714> /usr/lib/sasl2/dhx.so
    0x39e000 - 0x3a0ffc login.so ??? (???) <03d28ec908a6ed9abee1b25fe87716ef> /usr/lib/sasl2/login.so
    0x3a4000 - 0x3abffc libotp.2.so ??? (???) <0b7c8cd165835331c586e49465ef1186> /usr/lib/sasl2/libotp.2.so
    0x3b5000 - 0x3b7ffc libplain.2.so ??? (???) <5992f1149ff6cc7fadafa2bfd4ecc00a> /usr/lib/sasl2/libplain.2.so
    0x3bb000 - 0x3c0ffc libpps.so ??? (???) <31fe03649320e2f8b5404b179684d23a> /usr/lib/sasl2/libpps.so
    0x3c6000 - 0x3c9fff mschapv2.so ??? (???) <5c0fc0400a600f7c2d29ecbf95bc6017> /usr/lib/sasl2/mschapv2.so
    0x3cd000 - 0x3cfffc shadow_auxprop.so ??? (???) <b90c297da0fdf1bf0252ea496fbe83f2> /usr/lib/sasl2/shadow_auxprop.so
    0x3d5000 - 0x3d7ffd smb_lm.so ??? (???) <b0e54904b8dcecaa7d98c39841d03528> /usr/lib/sasl2/smb_lm.so
    0x3db000 - 0x3ddffc smb_nt.so ??? (???) <f927d77c27a795c0e7bb8478a47b83ed> /usr/lib/sasl2/smb_nt.so
    0x3e1000 - 0x3e4ff0 smb_ntlmv2.so ??? (???) <a31a5d3a2184c97ecb945c6cbd308da9> /usr/lib/sasl2/smb_ntlmv2.so
    0x3f8000 - 0x3f9fff com.apple.odlocate 1.1 (1.1) <58ace87ddfcba42df58856cabf3b6633> /System/Library/KerberosPlugins/KerberosFrameworkPlugins/ODLocate.bundle/Conten ts/MacOS/ODLocate
    0x436000 - 0x437ffc com.apple.KerberosHelper.LKDCLocate 1.1 (1.0) <cec0029c7e0345fee6e22aac185376c7> /System/Library/KerberosPlugins/KerberosFrameworkPlugins/LKDCLocate.bundle/Cont ents/MacOS/LKDCLocate
    0x8fe00000 - 0x8fe2da53 dyld 96.2 (???) <14ac3b684fa5a31932fa89c4bba7a29b> /usr/lib/dyld
    0x90315000 - 0x9039cff7 libsqlite3.0.dylib ??? (???) <6978bbcca4277d6ae9f042beff643f7d> /usr/lib/libsqlite3.0.dylib
    0x91d29000 - 0x91d54fe7 libauto.dylib ??? (???) <42d8422dc23a18071869fdf7b5d8fab5> /usr/lib/libauto.dylib
    0x91d55000 - 0x9202fff3 com.apple.CoreServices.CarbonCore 786.6 (786.6) <5682aae1e2cf5ae750d5a4dea98c084c> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CarbonC ore.framework/Versions/A/CarbonCore
    0x922cf000 - 0x92313feb com.apple.DirectoryService.PasswordServerFramework 3.0.3 (3.0.3) <8135bb4f34a3bf02b8c2ca869fe33a42> /System/Library/PrivateFrameworks/PasswordServer.framework/Versions/A/PasswordS erver
    0x92793000 - 0x92812ff5 com.apple.SearchKit 1.2.1 (1.2.1) <3140a605db2abf56b237fa156a08b28b> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/SearchK it.framework/Versions/A/SearchKit
    0x92891000 - 0x928a7fff com.apple.DictionaryServices 1.0.0 (1.0.0) <ad0aa0252e3323d182e17f50defe56fc> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Diction aryServices.framework/Versions/A/DictionaryServices
    0x928a8000 - 0x928dffff com.apple.SystemConfiguration 1.9.2 (1.9.2) <8b26ebf26a009a098484f1ed01ec499c> /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfi guration
    0x92964000 - 0x929adfef com.apple.Metadata 10.5.2 (398.22) <a6b676925dd832780daf991e79adfebd> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadat a.framework/Versions/A/Metadata
    0x929ae000 - 0x929bcffd libz.1.dylib ??? (???) <5ddd8539ae2ebfd8e7cc1c57525385c7> /usr/lib/libz.1.dylib
    0x92a17000 - 0x92aa3ff7 com.apple.LaunchServices 290 (290) <61af37aac50984d220dd176f777e3b72> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchS ervices.framework/Versions/A/LaunchServices
    0x92aa4000 - 0x92bdcff7 libicucore.A.dylib ??? (???) <3d8fdaf51c2664ab620f1688203caf26> /usr/lib/libicucore.A.dylib
    0x939bf000 - 0x939c3fff com.apple.OpenDirectory 10.5 (10.5) <e7e4507f5ecd8c8cdcdb2fc0675da0b4> /System/Library/PrivateFrameworks/OpenDirectory.framework/Versions/A/OpenDirect ory
    0x93ecd000 - 0x93ed1fff libmathCommon.A.dylib ??? (???) /usr/lib/system/libmathCommon.A.dylib
    0x93f4d000 - 0x93f4dffa com.apple.CoreServices 32 (32) <2fcc8f3bd5bbfc000b476cad8e6a3dd2> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
    0x94105000 - 0x94123fff libresolv.9.dylib ??? (???) <a8018c42930596593ddf27f7c20fe7af> /usr/lib/libresolv.9.dylib
    0x94124000 - 0x941a8fe3 com.apple.CFNetwork 339.5 (339.5) <c6565c13b0356e1d4bb99a68398d558b> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/CFNetwo rk.framework/Versions/A/CFNetwork
    0x94569000 - 0x94619fff edu.mit.Kerberos 6.0.12 (6.0.12) <da7253e3fb7e47e46cb46d47ed320ffc> /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
    0x9485e000 - 0x9487cff3 com.apple.DirectoryService.Framework 3.5.5 (3.5.5) <4b81063df189bc462f012a169474fcbc> /System/Library/Frameworks/DirectoryService.framework/Versions/A/DirectoryServi ce
    0x9487d000 - 0x949affff com.apple.CoreFoundation 6.5.4 (476.15) <e2869ad6dc1dd289f21b305b0bea9158> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
    0x94a0c000 - 0x94a13fe9 libgcc_s.1.dylib ??? (???) <f53c808e87d1184c0f9df63aef53ce0b> /usr/lib/libgcc_s.1.dylib
    0x94a14000 - 0x94a71ffb libstdc++.6.dylib ??? (???) <04b812dcec670daa8b7d2852ab14be60> /usr/lib/libstdc++.6.dylib
    0x94a72000 - 0x94bd2ff3 libSystem.B.dylib ??? (???) <98fc91f31f185411ddc46d3225e9af55> /usr/lib/libSystem.B.dylib
    0x94dcc000 - 0x94eacfff libobjc.A.dylib ??? (???) <7b92613fdf804fd9a0a3733a0674c30b> /usr/lib/libobjc.A.dylib
    0x94ead000 - 0x94ebcfff libsasl2.2.dylib ??? (???) <b9e1ca0b6612e280b6cbea6df0eec5f6> /usr/lib/libsasl2.2.dylib
    0x94f87000 - 0x94f8effe libbsm.dylib ??? (???) <d25c63378a5029648ffd4b4669be31bf> /usr/lib/libbsm.dylib
    0x94fa0000 - 0x9521bfe7 com.apple.Foundation 6.5.6 (677.21) <5cfa0aa8b9b43193955d601ba6c2591a> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
    0x952ea000 - 0x9539cffb libcrypto.0.9.7.dylib ??? (???) <69bc2457aa23f12fa7d052601d48fa29> /usr/lib/libcrypto.0.9.7.dylib
    0x953fd000 - 0x95421feb libssl.0.9.7.dylib ??? (???) <c7359b7ab32b5f8574520746e10a41cc> /usr/lib/libssl.0.9.7.dylib
    0x95422000 - 0x954dcfe3 com.apple.CoreServices.OSServices 226.5 (226.5) <2a135d4fb16f4954290f7b72b4111aa3> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServi ces.framework/Versions/A/OSServices
    0x95ca1000 - 0x95e6ffff com.apple.security 5.0.4 (34102) <f01d6cbd6a0f24f6c13952ed448e77d6> /System/Library/Frameworks/Security.framework/Versions/A/Security
    0x966ac000 - 0x966bdffe com.apple.CFOpenDirectory 10.5 (10.5) <6a7f55108d77db7384d0e2219d07e9f8> /System/Library/PrivateFrameworks/OpenDirectory.framework/Versions/A/Frameworks /CFOpenDirectory.framework/Versions/A/CFOpenDirectory
    0x96d5e000 - 0x96e3fff7 libxml2.2.dylib ??? (???) <1baef3d4972ee789d8fa6c1fa44da45c> /usr/lib/libxml2.2.dylib
    0x96e40000 - 0x96e6ffe3 com.apple.AE 402.2 (402.2) <e01596187e91af5d48653920017b8c8e> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.fram ework/Versions/A/AE
    0x96e70000 - 0x96e94fff libxslt.1.dylib ??? (???) <4933ddc7f6618743197aadc85b33b5ab> /usr/lib/libxslt.1.dylib
    0x96e95000 - 0x96e9dfff com.apple.DiskArbitration 2.2.1 (2.2.1) <75b0c8d8940a8a27816961dddcac8e0f> /System/Library/Frameworks/DiskArbitration.framework/Versions/A/DiskArbitration
    0x96f06000 - 0x96f91fff com.apple.framework.IOKit 1.5.1 (???) <324526f69e1443f2f9fb722cc88a23ec> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
    0x96f93000 - 0x96fc5fff com.apple.LDAPFramework 1.4.5 (110) <cc04500cf7b6edccc75bb3fe2973f72c> /System/Library/Frameworks/LDAP.framework/Versions/A/LDAP
    0xfffe8000 - 0xfffebfff libobjc.A.dylib ??? (???) /usr/lib/libobjc.A.dylib

  • Users Unable to Change Password

    Small Business 2011 Standard with Windows 7 Pro workstations - all fully updated.
    We have an issue where none of the users can change their passwords. They receive a message saying that the password
    doesn't meet the length, complexity or history requirements of the domain.
    I know (at least in my case) that the password hasn't been used before and there is no problem with the length
    and complexity. I've even tried switching off the password policies in the SBS Console with no success.
    Apart from the SBS Console is there anywhere else I should be looking that has a higher priority than the console?
    TIA

    We are using SBS 2008 (SP2), and we too are having this problem. Have done all the necessary GP changes. Have done gpupdate /force. As test user, I seem to be unable to change password at all (originally "minimum age" was 1 day, if that is somehow
    still in force might explain why); my end user has waited longer than that, she reports she can change her password but never back to anything in her history (original default was, I think, 24 passwords, might explain).
    While rsop on domain and clients/rdc  shows:
    Policy Policy Setting
    Enforce password history 0 passwords remembered
    Maximum password age 42 days
    Minimum password age 0 days
    Minimum password length 0 characters
    Password must meet complexity requirements Disabled
    Store passwords using reversible encryption Disabled
    Anybody any ideas now??? :(
    EDIT: Hmmm, net accounts /domain gives me:
    Force user logoff how long after time expires?: Never
    Minimum password age (days): 2
    Maximum password age (days): Unlimited
    Minimum password length: 0
    Length of password history maintained: 24
    Lockout threshold: 50
    Lockout duration (minutes): 10
    Lockout observation window (minutes): 10
    Computer role: PRIMARY
    The command completed successfully.
    Those settings would explain my problem, then!
    I can see that net accounts will allow me to alter this stuff, from the command-line, I guess that is what I need to do?
    NET ACCOUNTS
    [/FORCELOGOFF:{minutes | NO}]
    [/MINPWLEN:length]             
    [/MAXPWAGE:{days | UNLIMITED}]
    [/MINPWAGE:days]
    [/UNIQUEPW:number]
    [/DOMAIN]

  • I am unable to change passwords for any users.  The "change password" is grayed out.

    I am unable to change passwords for any users.  The "change password" is grayed out.  I know there is a way to change them but I am having trouble finding it.
    Message was edited by: dmw1975

    If you're in the Users pane of the server app, and you select Network Users from the drop-down near the top, there's a small padlock icon at the bottom. Is it locked or open? If locked, click it and enter credentials into the authorisation box that opens

  • Not set userName and password in system.prefs for 2.2.5

    We are using KODO 2.2.5 right now and We have business requirement that we
    should not keep database user name and password in system.prefs. I
    followed the instructions that you wrote in Feb 12 2002 post. But it still
    has the error that exactly like Bug #76. When we leave the user name and
    password out of system.prefs, we get the error.
    Is this bug(#76) fixed for 2.2.5? And how can we work around it?
    The error is:
    java.sql.SQLException: invalid arguments in call
         at
    com.solarmetric.kodo.impl.jdbc.schema.SchemaTool.<init>(SchemaTool.java:99)
         at
    com.solarmetric.kodo.impl.jdbc.schema.DB.getPersistentTypes(DB.java:197)
         at
    com.solarmetric.kodo.impl.jdbc.JDBCPersistenceManagerFactory.loadPersistentTypes(JDBCPersistenceManagerFactory.java:313)
         at
    com.solarmetric.kodo.impl.jdbc.JDBCPersistenceManagerFactory.setup(JDBCPersistenceManagerFactory.java:288)
         at
    com.solarmetric.kodo.runtime.PersistenceManagerFactoryImpl.privateSetup(PersistenceManagerFactoryImpl.java:872)
         at
    com.solarmetric.kodo.runtime.PersistenceManagerFactoryImpl.getPersistenceManager(PersistenceManagerFactoryImpl.java:59)
         at com.sabre.apd.dao.JDOFactory.getPersistenceManager(JDOFactory.java:144)
         at com.sabre.apd.dao.JDODAO.<init>(JDODAO.java:33)
         at com.sabre.apd.dao.JDODAO.<init>(JDODAO.java:28)
         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
         at
    sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
         at
    sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
         at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
         at java.lang.Class.newInstance0(Class.java:296)
         at java.lang.Class.newInstance(Class.java:249)
         at
    com.sabre.apd.dao.ConfigurableFactory$Tool.makeObjectForClass(ConfigurableFactory.java:105)
         at
    com.sabre.apd.dao.ConfigurableFactory$Tool.make(ConfigurableFactory.java:81)
         at
    com.sabre.apd.dao.ConfigurableFactory$Tool.getToolObject(ConfigurableFactory.java:62)
         at
    com.sabre.apd.dao.ConfigurableFactory.getTool(ConfigurableFactory.java:236)
         at com.sabre.apd.dao.DAOFactory.newDAO(DAOFactory.java:101)
         at com.sabre.apd.dao.DAOFactory.newDAO(DAOFactory.java:87)
         at
    test.com.sabre.apd.core.ActualConnectionDetailBrokerTest.getDAO(ActualConnectionDetailBrokerTest.java:38)
         at
    test.com.sabre.apd.core.ActualConnectionDetailBrokerTest.tearDown(ActualConnectionDetailBrokerTest.java:43)
         at
    test.com.sabre.apd.core.ActualConnectionDetailBrokerTest.setUp(ActualConnectionDetailBrokerTest.java:32)
         at com.intellij.execution.a.br.main(br.java:12)
    Thanks
    Weidong

    I'm not sure about the status of that bug in 2.2.5, but it has been
    resolved in our internal 2.3 builds.
    I think that you can work around this problem by enumerating your
    persistent types in system.prefs instead of in the data store. See our
    documentation for more information on how to do this.
    Basically, if I recall correctly, the problem is when retrieving the
    list, but not when connecting to the data store for other purposes.
    -Fred
    Weidong <[email protected]> wrote:
    We are using KODO 2.2.5 right now and We have business requirement that we
    should not keep database user name and password in system.prefs. I
    followed the instructions that you wrote in Feb 12 2002 post. But it still
    has the error that exactly like Bug #76. When we leave the user name and
    password out of system.prefs, we get the error.
    Is this bug(#76) fixed for 2.2.5? And how can we work around it?--
    Fred Lucas
    SolarMetric Inc.
    202-595-2064 x1122
    http://www.solarmetric.com

  • Change password via 3-Tier Desktop Intelligence

    Hi everyone,
    It would be highly appreciated if you could tell me how to change password via 3-Tier Desktop Intelligence.
    Version: XI3.0, XI3.1
    Thanks a lot!
    Lisa

    No problem.
    And for a work around you can have users
    login directly to the CMS (2-tier)
    change password
    then close deski
    as long as they know the difference they can then login to deski 3-tier with their new password.
    Another option would be to
    lookup the user account in CMC
    in user properties check the box "must change password at next login"
    Then even 3-tier users will be prompted to change their password the next time they login
    Regards,
    Tim

  • Number of days before user needs to change password

    If I enter a value for "Number of days before user needs to change password" will that effect both user and supervisor accounts or just user accounts? I have a supervisor account that we use for a lot of processes and do not want it to expire. However, our corporate security policy is to have user passwords expire at least every 90 days. Has anyone faced this before?<BR><BR>Thanks,<BR><BR>Mburkett

    mburkett,<BR><BR>Version 7.X has the external authentication option. The integration with active directory is very easy and can be configured in a few minutes. However, if your Essbase user names are different than MSAD user names, you would have to replace all Essbase users with their domain ID in order to use external authentication. If the user names are the same, it is only a matter of changing the flag to use the external AD password, rather then the Essbase password. <BR><BR>If you are not using Hyperion HUB, you should install it prior to implementing External Authentication.<BR><BR>I don't know the details of your custom job scheduler, but if it is based on ESSCMD, I dont see why it would not continue to work with an upgraded version.<BR><BR>Good Luck,<BR><BR>Chris

  • Cannot get into iPad, it keeps wanting me to sign in using old email that does not exist, and for a password that she does not remember, so I am unable to change password. How do I get around this?

    Cannot get into old iPad, it keeps wanting me to sign in using old email id that does not exist, and for a password that she does not remember, so I am unable to change password. How do I get around this?

    With iOS 7 Activation lock you can't.
    iCloud: Activation Lock
    http://support.apple.com/kb/PH13695
     Cheers, Tom

  • Cannot change user passwords in System Prefs

    They just don't "take." I can change passwords as root in terminal using passwd no problem but not in System Prefs pane.
    The secure.log hints that something happens:
    Apr 20 19:08:01 Dualie com.apple.SecurityServer: Succeeded authorizing right system.preferences by process /System/Library/PrivateFrameworks/Admin.framework/Resources/writeconfig for authorization created by /Applications/System Preferences.app.
    But then I try to use that password and:
    Apr 20 19:10:03 Dualie SecurityAgent[1846]: User Authenticated: continue login process
    Apr 20 19:10:03 Dualie com.apple.SecurityServer: authinternal failed to authenticate user lucy.
    Ideas?
    G4/400 with 2x500 Sonnet accelerator   Mac OS X (10.4.6)   Gobs of ram

    I had a similar problem ---- The initial problem was that my AirPort network password wouldn’t stay set and when I attempted to change the settings in the Network pane, I got a dialog box which said: “Please enter your keychain password --- System Preferences wants to use keychain ‘System.’ “ I opened “Details” and it showed Keychain: System Keychain and Application: System Preferences. I thought I had corrupted my keychain and first created a new keychain per the Mac Help instructions. This did not correct the problem and I made a screen shot *using Snapz Pro) to send to Apple or MacFixIt; I noticed that the title bar said SecurityAgentScreen which was the first time i heard of SecurityAgent --- and there is not much in the way of documentation on it.
    My next attempt was to rebuild my System which did not fix the problem, so I called apple Technical Support. I was directed to move the Keychain folder from my Home directory (Home/Library/Keychains) to the Desktop and reboot. This corrected the problem, however, there is suspicious difference: the new Keychains folder contains only “login.keychain.” I surmise that the keychains are now invisible and encrypted, and, are accessed via SecurityAgent which was introduced in 10.4.1 ,SecurityAgent was most probably developed to correct keychain vulnerabilities, but.I have not been find any documentation, or at least any that I can comprehend.
    PowerBook G4 15" Aluminum   Mac OS X (10.4.6)   G4 QuickSilver + mini

  • User having problem changing password on Windows 2008 R2 via remote desktop win7

    I have a remote user in another building with OS 7 remote destkop to Windows 2008 R2 Server.  The users account is set to change password on first login.  when the users trys to change his pw he gets error "Configuration information could not be
    read from domain controller, either because the machine is unavailable, or access has been denied.
    We are not using domain controller on the Windows 2008 R2 Server it is set to workgroup.
    Any help ASAP would be greatly appricated.
    Thanks,
    Rob Jung

    Here is one of the event logs from when the user tried to logging (and change password on the first login):
    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          10/13/2011 5:09:11 PM
    Event ID:      4625
    Task Category: Logon
    Level:         Information
    Keywords:      Audit Failure
    User:          N/A
    Computer:      win007.#***.net
    Description:
    An account failed to log on.
    Subject:
     Security ID:  SYSTEM
     Account Name:  WIN9$
     Account Domain:  ***
     Logon ID:  0x3e7
    Logon Type:   2
    Account For Which Logon Failed:
     Security ID:  NULL SID
     Account Name:  Administrator
     Account Domain:  WIN007
    Failure Information:
     Failure Reason:  Unknown user name or bad password.
     Status:   0xc000006d
     Sub Status:  0xc000006a
    Process Information:
     Caller Process ID: 0x254
     Caller Process Name: C:\Windows\System32\winlogon.exe
    Network Information:
     Workstation Name: WIN007
     Source Network Address: 127.
     Source Port:  0
    Detailed Authentication Information:
     Logon Process:  User32
     Authentication Package: Negotiate
     Transited Services: -
     Package Name (NTLM only): -
     Key Length:  0
    This event is generated when a logon request fails. It is generated on the computer where access was attempted.
    The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
    The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
    The Process Information fields indicate which account and process on the system requested the logon.
    The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
    The authentication information fields provide detailed information about this specific logon request.
     - Transited services indicate which intermediate services have participated in this logon request.
     - Package name indicates which sub-protocol was used among the NTLM protocols.
     - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{*******}" />
        <EventID>4625</EventID>
        <Version>0</Version>
        <Level>0</Level>
        <Task>12544</Task>
    Rob Jung ADRWeb

  • Unable to change password while first logon on windows server 2008 R2 SP1 system

    Hi Team,
    Ad team has created new account for me with change password on first logon setting
    When I logged in on Windows Server 2008 r2 SP1 system with my new credentials I get a error message stating that
    "You must change your password before logging on the first time. For assistance, conatct your system administrator or technical support" 
    Concern:
    I do not get password change screen on first logon on the server. How should I change my password on first logon?

    Hi,
    I got resolution for above issue
    Run ==> type "tsconfig.msc" ==> double click "RDP-TCP" ==> change security layer to
    RDP Security layer ==> Apply ==> OK

  • Unable to change password from application when Oracle password has expired

    I need to know how to change the users
    (Oracle 9.0.8) password via Visual Basic (v6.0
    SP3) and RDO. If the users password is expired,
    the proper error message is returned, but because
    the user isn't connected to the database, I
    cannot change the password with the "ALTER xxx
    IDENTIFIED BY xxx" sql. Anyone got any
    suggestions??

    you have to unlock it with some other user with the alter user privilege (e.g. sys or system), or (if you use OID) some user with DAS privileges.

  • Changing passwords and system copies

    Hello,
    since we are changing passwords of the users control, superdba and database schemata user to individual passwords we get problems with system copies.
    When we do a system copy and try to set the password of the superdba we get the message wrong sysdba.
    We can connect to a copied database by two different passwords to database instance (dbmcli uses the origin of the system, dbmgui the password of the source system of system copy).
    Is the passord of superdba stored at two points, filesystem and in the database?
    At FAQ I found the hint to load systab after installation, upgrade and system copy.
    Can I load systab at any time without risk?
    Best Regards
    Andreas

    AFAIK the password of the SYSDBA can't be changed (easily), it's copied with the database.
    You can load the system tables on the new system anytime using
    dbmcli -U c load_systab -u superdba,<oldpassword> -ud domain
    Markus

  • User making direct changes to PRD system

    My enviroment is ERP 6 ABAP /Oracle 10G/Solaris 10
    Some of my superusers are fond of making direct changes to PRD (as opposed to DEV & then transport via the landscape) though changes in  PRD system  have been restricted through  client change options SCC4 & system change option SE06
    I suspect the said users have ROLE with powerful authorizations that they ought not to have.
    Kindy advice what I should look for the users roles or how I can go about to harden PRD system aganist direct changes
    Thanks
    Edited by: Andale J on Sep 29, 2010 12:10 PM

    Hi BAIGSA
    Creation of roles is down to the security policy already in place unless you are lucky enough to be in at the beginning and can define how all roles are to be built in future.
    Mostly, you arrive at a client's site and have to adapt to their authorisation concept.
    You may find that function (module based) roles are inplace or that job roles (either multiple singles assigned directly or via composites or a one role does all) has been set up.
    Remediation of module based roles can be a really pain if they were built with too many transactions included - user group/job roles are far easier to remediate but this depends on the policies in place - inactive objects etc)
    I haven't enough information to understand what the changes are that have been made in prod to help - you need to review those changes and formulate a strategy which the business agrees to to resolve.
    Kind regards
    David
    Edited by: David Berry on Oct 3, 2010 8:30 PM

  • Change Password via telnet session

    Hi,
    I would like to know how to change the tacacs enable password via telnet session.
    When a new user login the first time via telnet, tacacs prompts the user with changing login password. However, it never prompts to change the enable password. Please advice.

    I am not clear what your problem is. TACACS uses a single password for a user and does not distinguish an enable password which is different from the login password. TACACS will grant access to enable based on what is set up in the user profile (or group profile) not on having a separate password. The difference between a login password and the enable password is used by the router locally when the router is not able to communicate with the TACACS server.
    So when TACACS prompts a new user to change the initial setup password, that is all that TACACS needs to do.
    HTH
    Rick

Maybe you are looking for