Windows cannot complete the password change

We freshly had actually a case wbelow a customer experienced the adhering to unfriendly message during an administrator password reset versus a user.

You watching: Windows cannot complete the password change

*

The administrator performed the exact same recollection from another DC in his setting (the exact same password versus the very same user), however obtained a different message.

*

As he was trialling our Specops Password Policy solution at the moment, he wondered if this had somepoint to carry out via us.

We did a small digging and uncovered following:

The initially unfriendly message was developed on a DC running Server 2012 (properly Windows 8)The second more friendly message was developed on Server 2012 R2 (successfully Windows 8.1).

We tested this in our environment, on specifically the exact same OS’s, without any type of Specops software program installed and got precisely the exact same message. We deserve to confirm this is a Microsoft bug in Windows 2012 ADUC, not being able to interpret the error code from LSASS i.e. 0x800708c5, and also nothing to execute with us.

The customer additionally stated that the Sentinel was reporting two failures in the application eventlog on the DC’s throughout an attempt to recollection a user’s password through something that did not complement the Specops Password Policy.

See more: Diy Fix Error 101 Net Err_Connection_Reset ): The, Error 101 (Net::Err_Connection_Reset): The

*

We tested a recollection making use of the AD PowerCovering commandlets (set-ADAccountPassword) and got the intended one entry in the log.

Aacquire, this looked like an worry with ADUC to us. To dig even more right into this we looked at the security logs on the DCs and found the adhering to (with no Specops software installed at all).

*

ADUC, for some factor just well-known to Microsoft Developers, calls the recollection password API TWICE, not once, as it should (as prstove through the PowerCovering commands).

As a bonus for anyone reading all the method to this component, if you ever before view a hex code (this is a so-called HRESULT) that starts through 0x8007, prefer 0x800708c5, it implies that it is a Win32 error (what many human being watch as an error code).

See more: Individual Core Temp Vs Cpu Temp Vs, How To Monitor Your Computer'S Cpu Temperature

If you take the last 4 personalities and transform from hex to decimal, e.g. 08C5 hex equates to 2245 decimal if you inspect your calculator, and also currently in a command also prompt, you have the right to type a basic “net helpmsg 2245” and also get the actual message. In this situation, “The password does not meet the password plan needs. Check the minimum password length, password intricacy and also password history needs.” Armed via this expertise, you deserve to now number out what message that error represents.