Re: "You do not have permission to change your password" only when expired

---

• From: "Joe Richards [MVP]" <humorexpress@xxxxxxxxxxx>
• Date: Thu, 24 Aug 2006 15:25:47 -0400

---

Out of curiosity, what is the pwdProperties attribute setting on your domain head NC?

You can get that with

adfind -default -s base pwdProperties



--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm


22of3 wrote:

Hi,

Users in our Windows 2003 AD domain (upgraded from NT4) that wait until
their password has expired before changing it receive the error "You do
not have permission to change your password" when they are forced to
change it. Users can change their password fine any day up until it has
actually expired.

We have restrictanonymous and restrictanonymoussam both set to 1 on the
domain controllers.

Any help would be appreciated. (Most posts I have read detail the
opposite of the above problem e.g. can not change password until it has
expired.)

.

---

• Follow-Ups:
  • Re: "You do not have permission to change your password" only when expired
    • From: 22of3

• References:
  • "You do not have permission to change your password" only when expired
    • From: 22of3

• Prev by Date: Re: Login starts then returns to Initial screen
• Next by Date: Re: XP Backup program
• Previous by thread: Re: "You do not have permission to change your password" only when expired
• Next by thread: Re: "You do not have permission to change your password" only when expired
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.win2000.security  > 2006-08