NetUserSetInfo() API is not returning Error

SrinivasLJ 1 Reputation point
2021-02-17T11:39:27.577+00:00

I have given a old password to a user "xyz" through NetUserSetInfo API,
this API does not consider Enforce password history policy ?

I should get the following error if i give one of the old password.

NERR_PasswordTooShort

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,598 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,735 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,838 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,751 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Hannah Xiong 6,231 Reputation points
    2021-02-18T02:52:03.613+00:00

    Hello,

    Thank you so much for posting here.

    The error means that the password is shorter than required. (The password could also be too long, be too recent in its change history, not have enough unique characters, or not meet another password policy requirement.)

    Reference: https://learn.microsoft.com/en-us/windows/win32/api/lmaccess/nf-lmaccess-netusersetinfo

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Hannah Xiong 6,231 Reputation points
    2021-02-18T05:36:07.223+00:00

    Hi,

    Thank you so much for your feedback.

    So sorry that I misunderstood this. Frankly speaking, I am not professional with this API.

    According to the research, the NetUserSetInfo function does not control how the password parameters are secured when sent over the network to a remote server to change a user password.

    Besides, when we gave one of old passwords, it was returning NREE_Success, but it should be NERR_PasswordTooShort as you stated.

    As for the Enforce password history policy, it determines the number of unique new passwords that must be associated with a user account before an old password can be reused. If set to 10, the new password set by the user cannot be the same as the old password set 10 times before.

    If we gave the too recent old passwords, will it also return Success?

    Please forgive me if there is any other misunderstanding. Thanks so much for your understanding and support.

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments