Re: How Does Hyena decide to check or uncheck"User Cannot Change Password"?

Hyena reads an account flag to find this information. Our theory on the way ADU&C does it is by reading the AD security for the user object. In doing a quick test of this theory, I found that if you look at the security for a user you'll see that Change Password is set to Allow, and if you check the box it changes to Deny. So, it would seem that ADU&C might simply look at the security setting.

We have no way of knowing why they would be different, though.

Re: How Does Hyena decide to check or uncheck"User Cannot Change Password"?

Thanks for the reply. I could not figure out why the information was different, but it was. I cleared up the problem by checking and then un-checking the box, but I couldn't figure out what misconfiguration/corruption caused this problem. I actually could get the login error that I couldn't change the password when logging in, but I checked in ADUC [against all domain controllers] and the box was clear in each case. I think that something was corrupted somehow, that was corrected by checking and then un-checking the box, for 'user cannot change password'. It was just odd that Hyena actually reported a condition that was consistent with what was going on, but Microsoft's ADUC tool did not. For this reason, I figured that Hyena was using a different information source to reach the conclusion than ADUC.

Once again, thanks for the reply. I hope that this issue does not occur again. It is a mystery to me, but I won't puzzle myself over it, unless it recurs.