You Must Change password - RDS 2012 R2

Cobra25
Cobra25 used Ask the Experts™
on
Hi Guys,

I have a RDS 2012 R2 Server i built, and whenever i choose the 'user must change password on next login' in AD, and the user tries to login, they get the message "you must change your password before logging on the first time". They have obviously logged in before. Why is it saying this?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Tom CieslikIT Engineer
Distinguished Expert 2017

Commented:
If you do this changes then User Must Change Password on next login
I think If he will and then log off and log on back system will not ask him to change password again.
Right ?

Author

Commented:
No.
Tom CieslikIT Engineer
Distinguished Expert 2017

Commented:
So, every time if same user is login then is asking for password changes ?

Author

Commented:
They cannot even login, they just get the message stating that.
Distinguished Expert 2018
Commented:
That has a lot of similarities to this article: https://www.experts-exchange.com/questions/28301279/If-one-requires-NLA-users-cannot-change-their-passwords-prior-to-logon-why.html

One approach would be disabling CredSSP, but that lowers security. See best answer from this article: https://social.technet.microsoft.com/Forums/en-US/ce6dc4ab-71eb-4a5d-ac5b-8fac34c8570b/must-change-password-before-logging-in-the-first-time-windows-server-2012-r2-standard-edition?forum=winserverTS

Disabling NLA could help, but that goes against what you're trying to accomplish as well.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial