Share via

Problem with "The user's password must be changed before signing in" Intune

Alejandro Miranda 60 Reputation points
2025-03-05T09:31:10.0233333+00:00

Hi

We have applied Security Baseline for Windows with the Device Lock setting enabled. So this provoke that when we want to log with our local admin user it show a prompt saying "The user's password must be changed before signing in". We have more than 100 devices with this problem so we need to find a solution for deploy in all the devices.

We try to disable the Device Lock policy but this does not solve the "The user's password must be changed before signing in" issue

We try to deploy a powershell script to disable the flag but we get a error "EAS Policy requires password change"

Could we do anything to solve this?

Thanks you,

Regards.

Microsoft Security Intune Configuration
0 comments
Accepted answer
  1. Crystal-MSFT 53,981 Reputation points Microsoft External Staff
    2025-03-12T01:38:49.8766667+00:00

    @Alejandro Miranda, Thanks for the reply. For the prompt "The user's password must be changed before signing in", it seems the "User must change password at next logon" is enabled.

    Based on my test, we need to change the user password before we unselect "User must change password at next logon". You can add the PowerShell commands in the script to firstly change the local user password before we disable the setting. here is a link with detailed commands for your reference.

    https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.localaccounts/set-localuser?view=powershell-5.1#example-2-change-the-password-on-an-account

    Hope the above information can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JM 1,166 Reputation points
    2025-03-05T11:31:40.94+00:00

    I had successfully enabled or disabled this flag in the past, refer to the post for the scripts you can use to manage this setting: https://cloudinfra.net/enable-disable-user-must-change-password-at-next-logon-using-intune/.

    ---If the response is helpful, please click "Accept Answer" and upvote it.---

    0 comments
  2. Alejandro Miranda 60 Reputation points
    2025-03-06T09:39:04.6666667+00:00

    Hi!

    That is the script I used and I get an error message saying "Exception calling “setInfo” with “0” argument(s): “Logon Failure: EAS policy requires that the user change their password before this operation can be performed. “"

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.