From: Karl Levinson [x y] mvp (
Date: 04/17/03

From: "Karl Levinson [x y] mvp" <>
Date: Thu, 17 Apr 2003 09:53:46 -0400

I believe there are some known security issues with the IISADMPWD page
[specifically, the .HTR files that are necessary for the page to work]. I
would recommend writing your own ADSI script by copying the sample script
found at or It should be easier than you

Try enabling failure auditing on the web server and the domain controllers
to see who is being denied access to what:

Also, I am guessing that you want to make sure that Anonymous authentication
is not enabled on those files.

Here is some more information that may help you:

"Victor" <> wrote in message
> I am trying to utilize the IISADMPWD/Password Change
> features in a W2K environment. I am using the MS
> Certificate Services on a local W2K server and the
> IISADMPWD virtual directory is on a different W2K server.
> I can access the password change page fine, but when I try
> to change the password for a domain account, I get the
> following response:
> Logon Failure: user account restriction
> This happens with any domain account account I try to
> change the passsword for.
> Domain Group Policies as well as Group Poicies for Member
> servers are in effect, but I cannot figure out if and
> which policies are casuing the error.
> Any help will be appreciated.

Relevant Pages

  • Re: OWA Password expired problem
    ... Is your IIS where the password change tool (IISADMPWD) exists configured ... with a Web Server SSL Certificate? ... @echo Windows 2003 IISADMPWD CONFIGURATION ... >configured OWA to allow password changes using the Microsoft article found ...
    ... I would like to configure IISADMPWD on the same server as we have Team ... System Web Access. ... It would be really nice if the external users could by ...
  • Password Change web site
    ... I am trying to use the IISadmpwd on windows 2003 server to enable users to ... the files windows 2003 have an ...