Windows 8.1 cannot change password in Windows 2003 domain level domain

Similar Messages

• After joining computer to the windows doamin i cannot change password for Mac for the domain user

  After joining computer to the windows doamin i cannot change password for Mac for the domain user

  Hi,
  Did this problem occures after installed Windows 8.1 Update 1? Here is another thread that had similar problem. Also I don't think this problem relate with Domain. Please refer to the solution of the thread below for reference, If there is any
  progress, please let us know.
  http://social.technet.microsoft.com/Forums/en-US/08993680-b6f5-4e80-b031-d32fec97d682/not-able-to-right-click-on-tiles-after-81-update?forum=w8itproge
  Roger Lu
  TechNet Community Support

• 2012 R2 RD Session Host Domain Users Cannot Change Password

  I set up a Windows 2012 R2 Session Host as per
  http://support.microsoft.com/kb/2833839 and joined it to the domain.  Now, users are unable to change their password. When they log in to the RDSH and "ctrl-del-end", they are given the change password dialog, but they are told that
  their password "doesn't meet complexity requirements" even if it does.  I suspect the issue is related to the fact that there is no "session collection" per se and that the "connection broker" role is not installed. 
  Is there any way around this?  The end game would be to have them log into this RDSH and be able to change their password to conform with the domain password policy
  PaulK

  Hi Paulk,
  Did you mean that all users cannot change passwords? Based on my experience, this issue was not related ro the RD connection broker role.
  Please check the password policy in group policy of the domain to see if any password policy caused this issue:
  Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy
  For more information, you can refer to the link below:
  https://technet.microsoft.com/en-us/library/hh994572(v=ws.10).aspx
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• User cannot change password option is automatically getting unchecked while giving domain admin rights

  user cannot change password option is automatically getting unchecked while giving domain admin rights

  Greetings!
  "Domain Admins" falls into the category of protected groups and it is included in ADminSDHolder process. It is normal and was designed in order to prevent the modification to these privileged groups. More information on the link below:
  AdminSDHolder, Protected Groups and SDPROP
  Regards.
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• HT1933 I have old email address's I used for iTune music purchases and cannot change password on several old accounts. Now some of the music I purchased I can not download and authorize it on my device. What can I do password security does not match my bi

  I have old email address's I used for iTune music purchases and cannot change password on several old accounts. Now some of the music I purchased I can not download and authorize it on my device. What can I do password security does not match my birthdate on two of the accounts. Apple can not send me email with a password authorization on several current accounts that I have with them. How can I contact Apple with this annoying problem I can not fix.

  settings - app/iTunes store - sign out and sign back in with your new id.
  Note - if your older apps needs an update it will use your old apple id and password, as Apps are tied to the apple id that was used to purchase it.
  You can't merge apple id.

• How to set "User cannot change password" on W2K accounts.

  Hi gurus,
  I need to set (from create user form) "User cannot change password" on W2K accounts.
  I was expected that some value of userAccountControl attribute on AD could do the job, but I realized that it is not so (look also to http://forum.java.sun.com/thread.jspa?threadID=593193&messageID=3108889).
  Thanks for any suggestion.

  Yeah thats right, I have implemented the same using nTSecurityDescriptor attribute

• Cannot change password in Facebook setting

  Cannot change password for Facebook in settings

  Even on on my iPad 4 i can not change my name and password or any other setting. You always run into a problem when Facebook has a large update that changes its User interface

• Migrating from server 2003R2 to 2008R2 User cannot change password box unchecks after being checked.

  After Migrating the domain controller from server 2003 R2 to 2008 R2 the check box for users cannot change password wont stay checked. This is happening to ALL users and no they are not a member of any Protected Groups. I have searched for a solution
  for months but cant not find.
  And now after migrating the exchange 2003 to 2010 I have to keep applying the inherited permissions every hour until a user finally makes an active sync.
  Now having more AD issues, cant remove users from Exchange 2010...And again have to go to the DC and applying the inherited permissions, then I can remove the user.
  I really need help with this...
  John

  Hi,
  Did you use the migration tools to do the user migration?
  Permissions on a user that is migrated from an Active Directory domain are reset to default values during migration.
  I think this is by design:
  http://technet.microsoft.com/en-us/library/cc974359(v=ws.10).aspx
  Regards.
  Vivian Wang

• User having problem changing password on Windows 2008 R2 via remote desktop win7

  I have a remote user in another building with OS 7 remote destkop to Windows 2008 R2 Server.  The users account is set to change password on first login.  when the users trys to change his pw he gets error "Configuration information could not be
  read from domain controller, either because the machine is unavailable, or access has been denied.
  We are not using domain controller on the Windows 2008 R2 Server it is set to workgroup.
  Any help ASAP would be greatly appricated.
  Thanks,
  Rob Jung

  Here is one of the event logs from when the user tried to logging (and change password on the first login):
  Log Name:      Security
  Source:        Microsoft-Windows-Security-Auditing
  Date:          10/13/2011 5:09:11 PM
  Event ID:      4625
  Task Category: Logon
  Level:         Information
  Keywords:      Audit Failure
  User:          N/A
  Computer:      win007.#***.net
  Description:
  An account failed to log on.
  Subject:
   Security ID:  SYSTEM
   Account Name:  WIN9$
   Account Domain:  ***
   Logon ID:  0x3e7
  Logon Type:   2
  Account For Which Logon Failed:
   Security ID:  NULL SID
   Account Name:  Administrator
   Account Domain:  WIN007
  Failure Information:
   Failure Reason:  Unknown user name or bad password.
   Status:   0xc000006d
   Sub Status:  0xc000006a
  Process Information:
   Caller Process ID: 0x254
   Caller Process Name: C:\Windows\System32\winlogon.exe
  Network Information:
   Workstation Name: WIN007
   Source Network Address: 127.
   Source Port:  0
  Detailed Authentication Information:
   Logon Process:  User32
   Authentication Package: Negotiate
   Transited Services: -
   Package Name (NTLM only): -
   Key Length:  0
  This event is generated when a logon request fails. It is generated on the computer where access was attempted.
  The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
  The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
  The Process Information fields indicate which account and process on the system requested the logon.
  The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
  The authentication information fields provide detailed information about this specific logon request.
   - Transited services indicate which intermediate services have participated in this logon request.
   - Package name indicates which sub-protocol was used among the NTLM protocols.
   - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{*******}" />
      <EventID>4625</EventID>
      <Version>0</Version>
      <Level>0</Level>
      <Task>12544</Task>
  Rob Jung ADRWeb

• Local Users (belongs to domain) on ISE cannot derive Password from Windows Database

  Dear Support Team
  We are in the progress of Migrating ACS4.2 to ISE3355 running 1.1.4. We have SSL VPN Users & Wireless Users to be migrated.
  ISE 1.1.4 is already integrated with AD Windows 2008 and can see all the groups defined on AD.
  1: in ACS 4.x & even 5.x, we have option to add a user locally (users belonging to domain) , and  we can configure user’s password to be derived from Windows Database. It helps to control AAA Policies.
  It also helps to avoid configuring "users" in specific groups on AD and as a result no dependency on System Team to configure users in specific groups, which can be used in policy making on ISE.
  However while doing the same, I could not find an option in ISE 1.1.4. Password cannot be derived from windows database. Password has to be set manually, that clearly means that i have to arrange the users in specific group on AD.
  Is it a platform specific issue or am I missing something ?
  Thanks in advance for your valuable time to look into this issue.
  Ahad....

  It seems that i have to open a TAC case to get cisco official explanation on this feature, it was a nice feature, which has been unnecessarily deprecated.
  Any Inputs from anyone, who has similiar requirement, Please share it here.
  Regards
  Ahad

• TMG 2010 publishing Exchange 2010 OWA cannot change password if user must change password at first logon is set

  Hi,
   I have an odd issue whereby if I set "user must change password" on an AD account, the end user cannot logon, they're simply taken back to the OWA login page as if their password is incorrect.
  My setup is as follows:
  outer TMG -- uses a listener for email.contoso.com and is configured for no authentication.This uses a publishing rule to publish the inner TMG server. This server is not a domain member.
  inner TMG - uses a listener for email.contoso.com and is configured for NLTM\kerberos negotiation with forms authentication (Windows Active Directory). This server is a domain member and use a publishing rule to publish the internal CAS. Allow users to change
  password is selected in the publishing rules.
  Exchange 2010 SP1 - uses integrated windows and basic authentication. Has the appropriate registry key configured to allow users to change their AD password on first logon.
  I've registered an snp for "http/email.contoso.com mailserver-dc1", all SSL certificates being used are valid and my configuration used to allow users to login and change their password with "user must change password on first login"
  set in AD.
  If I launch a web browser on an internal server and point it to email.contoso.com I'm immediately presented with a generic Windows authentication request (similar to what's seen in ADFS) rather than the standard OWA page. No matter what I do, I cannot login
  and change my password using the correct URL. However if I point my browser at
  http://192.168.4.10/owa I'm prompted to login and I can change my password using the sam credentials.
  The only recent changes made are:
  - Disabling SSL 3.0 and enabling TLS  (http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html)
  - Replacing the TMG listener certificates so that they now use SHA2 rather than SHA2 (certificates are trusted on each TMG server)
  Looking on the outer TMG and the DC logs I can see schannel errors which I believe are related to the problem. TMG monitoring also shows "Failed connection attempt: 1907 The user'spassword must be changed before logging on for the first time"
  I've checked that my inner TMG and DC are using the same certificate for server authentication and gone through this guide:
  http://blogs.technet.com/b/keithab/archive/2012/02/29/setting-up-and-troubleshooting-ldaps-authentication-in-forefront-tmg-2010.aspx
  If I try to use ldp.exe on the inner TMG, I get the error in the pic below
  Thanks
  IT Support/Everything

  Hi,
  You could try to analyze the TMG tracing and try the troubleshoot steps in the blog below.
  TMG 2010 – FBA, troubleshooting the change password feature 
  http://blogs.technet.com/b/isablog/archive/2012/05/07/tmg-2010-fba-troubleshooting-the-change-password-feature.aspx
  Best Regards,
  Joyce

• Cannot change password expired password

  Hi there,
  I am not able to change expired password on Windows server 2012. I am getting the error message that "You must change your password before logging on the first time. Please update your password or contact your system administrator or technical support"
  I had similar issue in Windows 2008 servers and was resolved when I changed the the RDP security layer to negociate. But I couldn't find Session host configuration snap-in since RDS is not enabled.
  Any one faced same issue?
  Thanks,
  Ranjith

  Hi Ranjith,
  How are things going?
  You could try to change the Security Layer to
  RDP Security Layer in the Security section of
  Session Collection properties.
  In addition, if you are using remote desktop over RD Gateway, there is no support for being able to use the “User must change password at next logon”.
  Please refer to these two threads which is similar with your issues.
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/320ef31a-1160-4c33-9912-79a3838fc24d/forcefuly-user-should-change-his-password-when-loggin-for-the-first-time?forum=winserverTS
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/8761e29a-72a0-4f9c-b31b-ff81633020dd/user-must-change-password-setting-using-rdp-to-server-2012?forum=winserverTS
  Hope this helps.
  Best Regards,
  Tina

• Fixing bluetooth in windows 8.1 and changing the way windows update works

  Hello, this is a message for Microsoft, can you please fix the Bluetooth in the setting in Windows 8.1. Because I can not connect my devices on it to play music. Also, my second suggestion would be for Windows update. First of all,
  Windows tells me that it will install update automatically but It's not true. Everyday I check to see if there is an update on the pc. So change the way windows update works because It is a bit confusing. In other words, try to do like windows 7 if you
  can, or if not It is not a big deal. But a least try to have a solution for this issue and the Bluetooth also. 
  Thank you.
   

  Hi Ariel,
  The MSDN Windows Store apps forums are for developers to discuss writing their own Windows Store apps.
  For help with using Windows please post in the appropriate forum for your OS on
  http://answers.microsoft.com .
  --Rob

• Cannot change password or admin login

  i have done everything i was advised to do but it just cant work bcus has tied the password and admin login
  some were in the computer.some people advised that i should take it to an apple store in my country
  but we dont have an apple store or a representative in cameroun, what next do i do?pls help

  Hello:
  Ok here we go:
  1- You have to restart your MBA holding down the Command+S keys, and this will take you into Single User Mode and it’s Terminal interface.
  2- Then you have to check the filesystem. to do this you have to type the following command in the terminal interface:
  fsck -fy
  3- Then you have to mount the root drive with write option enabled so you can apply and save any changes. Type this in the temrinal interface:
  mount -uw /
  4- And then type this command exactly as you see it here:
  rm /var/db/.AppleSetupDone
  5- Reboot your MBA by typing this in the terminal interface:
  reboot
  6- After you reboot, you will be see the “Welcome Wizard” startup screen. Follow the wizard and create a new user account. This new account name must be different from the one you already have
  7- Continue and boot into your Mac OS X with the new account you have just created, this new user account is an Administrator and has administrative access
  8- Now that you're logged in, go to System Preferences
  9- Click on Users & Groups
  10- Click on the Lock icon and use your newly created user name and password if asked. This will allow you to make changes to other user accounts
  11- On the user panel select the user account whose password you cannot change and then click on the Change Password... button and enter your new password.
  12- Delete, or grant administrative privileges to that old account
  13- Reboot/restart your MBA and now you can log back in with your old account. If you want you can delete the user account you created following this steps.
  Hope this helps.
  Good luck

• TS3899 Help! I cannot access my settings and facebook settings within 'Settings'. This means I cannot change passwords, delete or add email accounts.  I've tried updating and restoring my phone but to no avail.  Can anyone help me please?

  Can anyone help please? I cannot access my email account settings within 'Settings', so I cannot change my details for existing email accounts, nor can I delete them or add others.
  I can't access my Facebook settings within 'Settings' either but when I try to use the app it asks me to enter my password into my Facebook account in settings, but I can't do that either.
  I've updated my software, restored and backed up my phone but it still doesn't work.  Troubleshooting doesn't cover this.

  Go to Settings>General>Restrictions. Do you have restrictions on? If so, that would prevent you from making changes in some areas of the iPhone.