troubleshooting Question

Calling 'NetUserChangePassword' for changing other user password

Avatar of Cyber-EE
Cyber-EE asked on
OS SecurityMicrosoft Development
6 Comments1 Solution893 ViewsLast Modified:
Hi,
I have user Target and Changer on domain (one of the following servers: 2000,2003 and 2008)
In my program (C/C++), I perform a logon via the function 'WNetAddConnection2' with  user Changer user and then I call 'NetUserChangePassword' with the Target user...
This works fine, BUT:
I want to know how is it possible that even a limited user can do such an operation (logon via 'WNetAddConnection2' and then change pass with 'NetUserChangePassword' for the target user)
In the MSDN it clearly says:
"The default ACL permits only Domain Admins and Account Operators to call this function. On a member server or workstation, only Administrators and Power Users can call this function."
=> how a limited user make this operation succeeded?

Pls let me know what you think.

tx,
shlom
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 6 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 6 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros