We help IT Professionals succeed at work.

Calling 'NetUserChangePassword' for changing other user password

Last Modified: 2013-12-04
I have user Target and Changer on domain (one of the following servers: 2000,2003 and 2008)
In my program (C/C++), I perform a logon via the function 'WNetAddConnection2' with  user Changer user and then I call 'NetUserChangePassword' with the Target user...
This works fine, BUT:
I want to know how is it possible that even a limited user can do such an operation (logon via 'WNetAddConnection2' and then change pass with 'NetUserChangePassword' for the target user)
In the MSDN it clearly says:
"The default ACL permits only Domain Admins and Account Operators to call this function. On a member server or workstation, only Administrators and Power Users can call this function."
=> how a limited user make this operation succeeded?

Pls let me know what you think.

Watch Question

Top Expert 2012

Well, as you have correctly concluded from the MSDN docs, a limited user cannot do that - that is, the user in question could log on as a different account using 'LogonUser()' and then call that API, but this kinda defeats the purpose....


so, how come it works?!
I'm trying to find out I didn't get the relevant error for that....
anyone has some idea?
Top Expert 2012

What kind of account are you using with 'WNetAddConnection2()'?


I using a limited user.
but now I have a bigger issue - pls note:
In the MSDN for NetUserChangePassword there is a note:
"Windows NT:  A server or domain can be configured to require a user to log on before changing the password on a user account. In that case, only members of the Administrators or Account Operators local group or the user can change the password for a user account. If logon is not required, a user can change the password for any user account, as long as the user knows the current password."

This is the exact scenario I'm having.
I just want to know, why the MSDN specifies only win NT? Is it possible that this is the behavior for other OS?  where can I find a documentation for that?



I found something in MS support:
In the example code they gave, they wrote this:
Username is argv[1]
   new password is argv[2]
   optional target machine (or domain name) is argv[3]
   optional old password is argv[4]. This allows non-admin password
   Note that admin or account operator privilege is required on the
   target machine unless argv[4] is present and represents the correct
   current password.

So I think it might be it.
I'm waiting for your responses.
This one is on us!
(Get your first solution completely free - no credit card required)

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.