Password Change Logon Loop

Robert Pearson 31 Reputation points

Hello, I have this issue when users passwords expire or I manual reset them with "User must change password" box checked. Every time they enter a new password it tells them to do it again in an endless loop. Any ideas?

We have two DC's with Server 2019 and one DC with 2012.

We do do AD SYNC to Azure

PCS are mostly Windows 10 with a couple Windows 11


Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,798 questions
{count} votes

6 answers

Sort by: Most helpful
  1. Robert Pearson 31 Reputation points

    Uninstalling KB5011551 from my DCs resolved the issue. Thanks

    3 people found this answer helpful.

  2. Marcus Polz 1 Reputation point

    I experienced the password loop with users after a March 22nd update. We are on 2 AD Windows 2019 1809 Standard WinVer 17763.2746. We do AD SYNC to Azure as well. We see the issue occur upon expiration of a user password or when ticking the box to have user change password at next logon. No unusual event logs were observed. You can test by expiring a user account, the next login attempting to change password loops. The uninstall of Microsoft update KB5011551 takes a scary long time to remove, it completed in about twenty minutes. It does require a reboot of the server which also takes about thirty-forty minutes, I'd suggest staggering reboots of the DCs :).

    Verified, removal of KB5011551 resolved my password issues.

    0 comments No comments

  3. sławomir wowry 1 Reputation point

    The question is when Microsoft will release a patch
    We have several DC controllers in the organization
    and uninstalling KB5011551 will take a long time

  4. Pflipper 96 Reputation points

    I have the same endless loop issue with an expired password on a domain Admin account for an Azure vm. Microsoft needs to fix this ASAP. Have this KB5011551 installed on 3/26, I come back from time off and now I am hosed.

    BTW, I tried to uninstall the hotfix through Powershell in the Azure portal. This does not work - why ? --> C:\Windows\System32\wusa.exe /uninstall /kb:5011551 /quiet /norestart

  5. Adam Archer 1 Reputation point

    I am also seeing this issue on 2019 server running virtually. Oddly, my #s 2 and 3 DCs lets expired users change passwords just fine. Just checked and they do not have the update 5011551, so I'm wondering if MS didn't pull that update at some point. The affected server is my GC and it took the update on April 5.

    0 comments No comments