Forum Discussion
Active Directory Unable to reset user passwords
I am managing a Windows Server 2025 Active Directory environment with client machines. I created a test user and enabled the option “User must change password at next logon.” I then provided a temporary password to the user, expecting them to get the prompt to change it on first login.
However, when the user attempts to change the password, they receive the error:
“The user must change password before signing in.”
My goal is that when I provide a temporary password to a user:
1. They get the prompt to change the password at next logon.
2. When they change it, it should not throw the “user must change password before signing in” error.
I need guidance on how to achieve this so users can reset their passwords successfully.
1 Reply
Option A – Reset the password directly in ADUC
Instead of setting “User must change password at next logon,” reset the password manually:
1. Open Active Directory Users and Computers (ADUC).
2. Right-click the user → Reset Password.
3. Check “User must change password at next logon.”
Then, ensure the user logs on from a domain-joined machine connected to the network, not through RDP or cached credentials.
Option B – Allow password change through Ctrl+Alt+Del
If users need to change passwords remotely, enable the option to change password at logon:
At the logon screen, the user selects Other user → “Sign-in options” → “Change a password” (or press Ctrl+Alt+Del → Change a password).
This requires network connectivity to the DC.
If this fails, check firewall/port access to DCs (TCP/UDP 464, 389, 445).
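
The reset from Option A and the port check from Option B, as an added PowerShell example that is not part of the original reply. It assumes the ActiveDirectory module (RSAT) and rights to reset the account; the function names, the account name and the DC host name are hypothetical placeholders.

```powershell
# Added example; function names, parameters and sample names are hypothetical.

function Reset-TemporaryPassword {
    # Option A: reset the password, then require a change at next logon.
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [Parameter(Mandatory)] [string] $Server   # DC host name (placeholder)
    )
    Import-Module ActiveDirectory -ErrorAction Stop

    $user = Get-ADUser -Identity $SamAccountName -Server $Server `
        -Properties PasswordNeverExpires, CannotChangePassword

    # These two flags conflict with "must change password at next logon".
    if ($user.PasswordNeverExpires -or $user.CannotChangePassword) {
        throw "Clear PasswordNeverExpires/CannotChangePassword on $SamAccountName first."
    }

    # Prompt so the temporary password never lands in script text or history.
    $temp = Read-Host -AsSecureString "Temporary password for $SamAccountName"
    Set-ADAccountPassword -Identity $user -Server $Server -Reset -NewPassword $temp
    Set-ADUser -Identity $user -Server $Server -ChangePasswordAtLogon $true

    # pwdLastSet = 0 is how the directory stores "must change at next logon".
    $check = Get-ADUser -Identity $user -Server $Server -Properties pwdLastSet
    [pscustomobject]@{
        User              = $check.SamAccountName
        MustChangeAtLogon = ($check.pwdLastSet -eq 0)
    }
}

function Test-DcPasswordPorts {
    # Run on the affected client: TCP reachability of the ports named in the reply.
    # Test-NetConnection checks TCP only; the UDP side is not covered here.
    param([Parameter(Mandatory)] [string] $Server)
    foreach ($port in 464, 389, 445) {
        $r = Test-NetConnection -ComputerName $Server -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{ Server = $Server; TcpPort = $port; Reachable = $r.TcpTestSucceeded }
    }
}

# Example calls (constructed names):
# Reset-TemporaryPassword -SamAccountName 'testuser' -Server 'dc01.example.test'
# Test-DcPasswordPorts -Server 'dc01.example.test'
```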