'User must change password at next logon' field Is Not Set After a UserSetPassword Operation (NETIQKB33258)

  • 7733258
  • 02-Feb-2007
  • 19-Jun-2007


Directory and Resource Administrator 6.60

User must change password at next logon' field is not set after a UserSetPassword operation is performed using the Web Console.

When using the Directory and Resource Administrator 6.6 Web Console to reset a user account's password and selecting the 'User must change password at next logon' field, the password is changed and immediately available to the end user.  That user is not, however, prompted to change the new password.

The 'User must change password at next logon' flag is not checked, when an Assistant Admin resets a users account password using the Web Console with the 'User must change password at next logon' flag checked.  However, resetting the password using the Directory and Resource Administrator MMC interface, with the 'User must change password at next logon' flag checked works correctly.


This problem is caused by the way the Web Console handles the information passed to the Administration server during the operation.  When the screen loads, the 'User must change password at next logon' checkbox is automatically selected on the web server.  When the Assistant Admin submits the form, with the new information (the new password), the Web Console passes to the server updated values only.  Because the flag's state was not updated by the Assistant Admin, only the new password is submitted to Active Directory.


Hotfix 26323a corrects this situation, modifying the Web Console to correctly update the User must change password at next logon field.

To install this hotfix, run the DRA66000_Hotfix26323a.exe file on the Administration server.

This hotfix modifies the following files on the Web component computer:

  • AccountManagement/Computers/ComputerCreate/TaskMain.asp
  • AccountManagement/Computers/ComputerCreate/TaskMessages.asp
  • AccountManagement/Groups/GroupCreate/TaskMain.asp
  • AccountManagement/Groups/GroupUpdate/GeneralTabMain.asp
  • AccountManagement/Groups/GroupUpdate/GeneralTabMessages.asp
  • AccountManagement/Users/UserClone/Properties.asp
  • AccountManagement/Users/UserCreate/TaskMain.asp
  • AccountManagement/Users/UserResetPassword/Properties.asp
  • AccountManagement/Users/UserUpdate/DialInTabMain.asp
  • AccountManagement/Users/UserUpdate/ProfileTabMain.asp
  • AccountManagement/Users/UserUpdate/StatsTabMain.asp
  • AccountManagement/Users/UserUpdate/StatsTabMessages.asp
  • AccountManagement/Users/UserUpdateNT4/DialInTabMain.asp
  • AccountManagement/Users/UserUpdateNT4/ProfileTabMain.asp
  • AccountManagement/Users/UserUpdateNT4/StatsTabMain.asp
  • AccountManagement/Users/UserUpdateNT4/StatsTabMessages.asp
  • AccountManagement/Users/UserVitalStats/Properties.asp
  • AccountManagement/Users/UserVitalStats/TaskMessages.asp
  • AccountManagement/Users/UserVitalStatsNT4/Properties.asp
  • AccountManagement/Users/UserVitalStatsNT4/TaskMessages.asp
  • Common/Scripts/LocalizeDate.asp
  • Common/Scripts/SearchForms/UserGroupBrowse/TaskMain.asp
  • Common/Scripts/SearchForms/UserGroupBrowse/TaskMessages.asp

By default, these files are located in the C:\Inetpub\wwwroot\DRAWeb\WebConsole\BuiltIn folder of servers with the DRA Web Component installed.


Hotfix 26323 also corrects other issues that are listed in the following Knowledge Base article:

Additional Information

Formerly known as NETIQKB33258