Microsoft KB Archive/253512

= Cannot Turn Off "User Cannot Change the Password" Option After Windows 2000 Upgrade =

Article ID: 253512

Article Last Modified on 2/27/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q253512



SYMPTOMS
When you upgrade your Microsoft Windows NT 4.0 domain to Windows 2000 Active Directory and you click to clear the User cannot change the password check box in Active Directory, the user may still be unable to change his or her password. In addition, the Active Directory user interface shows that the check box is cleared, but the user cannot change the password.



CAUSE
This behavior occurs when you turn on the User cannot change the password option in Windows NT 4.0. This action creates a denied Access Control Entry (ACE) for changing the password, and removes the allowed ACE for changing the password. After you upgrade to Active Directory and you turn off the User cannot change the password option, the user interface removes the denied ACE but does not add the allowed ACE.



RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

NOTE: To view the version, right-click the file in Windows Explorer, click Properties, and then click Version.



STATUS
Microsoft has confirmed that this is a problem in Microsoft Windows 2000. This problem was first corrected in Windows 2000 Service Pack 1.



MORE INFORMATION
When you turn off the User cannot change the password option after the upgrade, look for the allowed ACE in the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. Add the allowed ACE if it is absent, and then remove the denied ACE.

Keywords: kbhotfixserver kbqfe kbbug kbfix kbui kbwin2000sp1fix KB253512

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.