Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Users do not have permission to change password

Status
Not open for further replies.
DMoll

DMoll

IS-IT--Management
Jun 24, 2003
27
0
0
Ever since getting SP4 for our Windows 2000 Server all users have been getting "You do not have permission to change your password" messages when trying to change passwords during the expiration period.

We are using Active Directory, all clients are Win 2K/XP Pro and all users have had the problem when trying to change their passwords.

The Everyone group already has the "Change Password" permission set to Allow.

I have seen a couple of previous posts that have mentioned this error but none seem to have any conclusions.

As far as I am aware the only change of any sort on the server has been SP4 update.

 
Sort by date Sort by votes
We're still fighting this probelm as well. We are running Win 2000 Server SP4. We just changed our password policy and had the make everyone change passwords. About 80% of the user could do this fine but the rest kept getting that you don't have permissions crap. We have the everyone group set to allow change password as well. Any suggestions.
 
Upvote 0 Downvote
Hi,
did you try to make a domain wide group policy to allow users to change passwords?
 
Upvote 0 Downvote
I have a group policy in place. I think I might have found the answer. I noticed all the one that had no problems were xp service pack 2 systems. There is a MS article 328817 that says this should fix this issue and it looks like it does.

Just out of curiousity what would I need to change in the GPO to allow passwords. I have the everyone group set to change passwords.
 
Upvote 0 Downvote
Found this article and 246261 for Win 2000. Will try it but what is the actual effect on security by changing RestrictAnonymous to 0 or 1?
 
Upvote 0 Downvote
I looked at my Domain Controller and it was already set to 0 so that can't be my issue. Hopefully the rest of the system updated to SP2 today so we'll see if there's been any change.
 
Upvote 0 Downvote
Your problem could be that the portion of the registry that users need to access to write the password changes may now be restricted access (as part of the security updates in the service patches), and only administrators may now have access. This in turn gives the "you do not have permission, etc." messgae.

HTH,

David
 
Upvote 0 Downvote
I have a friend running xp service pack to just installed and he is having a boat load of problems.
 
Upvote 0 Downvote
Had no improvement with SP2 for the XP machines.

But having read MS article 246261 I changed on the server "Additional restrictions for anonymous connections" to "Do not allow enumeration of SAM accounts and shares". All seems to be OK now...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
105
microsGuy16
microsGuy16
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
88
DTGMI
DTGMI
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
179
mangentle
mangentle
Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
53
strongm
strongm
DrB0b
  • Locked
  • Question
HyperV trying to do extended replica to external HDD
Replies
0
Views
48
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top