Domain Services for Windows
Then the user logs in with an incorrect password and receives the following error:
"The system could not log you on. Make sure your User name and domain are correct, then type your password again. Letters in the passwords must be typed using the correct case."
The new user continues to login with an invalid password until the account is locked.
The same error "The system could not log you on. Make sure your User name and domain are correct, then type your password again. Letters in the passwords must betyped using the correct case." is returned until the correct password is entered. The error in AD reports that the account is locked.
In DSfW, if the user logins in with the correct password and receives this error:
"Your password has expired and must be changed."
And is prompted to enter in a new password. This screen is not seen in AD.
It looks like the password is set, but then this error is returned once the new password is set:
"The User name or old password is incorrect. Letters in the password must be typed using the correct case."
While creating user in MMC, If user set 'Change password on next logon' option and then intruder tried 3 invalid password attempts, then user account should be locked and lockout message should be displayed for invalid login. Instead of that, It is prompted to change the password and throws an error at the end. This is happened because the change password condition validated before validating local policy.