DisallowChangePassword not working?

Hello,

I followed this tutorial (http://adaxes.com/tutorials_Simplifying ... gUsers.htm) to create service accounts that:
- Cannot change the password
- Password never expires

But, when I create the user the "Password never expires" is correctly set, but "Cannot change the password" is not set on the AD user.

Is this normal?

by (750 points)

1 Answer

by (216k points)
Best answer
0 votes

Hello,

This is a known issue. The thing is that the User cannot change password Account Option exists, but it is ignored by Microsoft AD. The option is set via native permissions in AD.

To set the User cannot change password option for new users, you need to add one more property to the Property Pattern that you've created. The property name is User Cannot Change Password. You need to set it to True. To do this:

  1. Launch Adaxes Administration Console.
  2. Locate the Property Pattern the you've created following the instructions in the tutorial and select it.
  3. Click Add at the top of the Result Pane (located on the right).
  4. Select the Show all properties option.
  5. Select the User Cannot Change Password property.
  6. Select True in the Default value drop-down list.
  7. Save the Property Pattern.

As to the tutorial, we'll fix it in the nearest future.

by (750 points)
0

Thanks, it works great that way

Related questions

Web Interface Tutorial not working

Hi, there is a "Tutorials" link in the web interface config and its pointing to https://www.adaxes.com/tutorials_WebInterfaceCustomization.htm But it seems this page is (at least for me) not working currently.

asked 10 hours ago by wintec01 (2.4k points)
0 votes
1 answer
remove-admgroupmember not working for members in other domains

Hey we have a multi-domain AD forest and I'm trying to use powershell to remove computers in the child domains from a universal group in the root domain. I tried it with naming ... I run this in Ps5.1 or Ps7, from my laptop or from the Adaxes server itself.

asked Oct 17 by felix (210 points)
0 votes
1 answer
$Context.CloudServices.ConnectExchangeOnline() is not working

Seem to be getting the below error: Exception calling "ConnectExchangeOnline" with "0" argument(s): "There are no Microsoft 365 tenants associated with the object." Stack trace: at ... a scheduled task so I can run a command to add someone to a shared mailbox.

asked Jul 25 by CSLite (20 points)
0 votes
1 answer
Script not working with 2025.1

Hi team, this script is with the new version not working anymore. Can you please update it? https://www.adaxes.com/script-repository/search-and- ... : (Softerra.Adaxes.Utils.ObjectNameHelper:TypeName) [], RuntimeException + FullyQualifiedErrorId : TypeNotFound

asked Jun 16 by wintec01 (2.4k points)
0 votes
1 answer
Request approve/deny email buttons not working on 2025.1

Just recently built a new server, installed 2025.1, and restored configuration from a backup of our other server running 2023.2. I updated the web interface address in ... d6d4f3bd7654 and I'm able to approve/deny from that interface without issue. Any ideas?

asked May 13 by msinger (230 points)
0 votes
1 answer