Using [net user administrator "passwd@" ] to change the password, there is a probability that the password change will fail

asked 2022-06-28T02:54:48.757+00:00
xujiaxing 1 Reputation point

The super managed user uses net user administrator "passwd@" to change the password. There is a probability that the password change will fail. The event viewer records 4724 events, and the change time is not updated through net user administrator. Login with old password succeeded, but login with new password failed
215479-213575-image.png

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,747 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. answered 2022-06-28T15:44:14.097+00:00
    Limitless Technology 37,291 Reputation points

    Hi there,

    Can you see any other event ID ?

    Event ID 4724 is generated every time an account attempts to reset the password for another account (both user and computer accounts). If the new password fails to meet the domain password policy (or local password policy in local user accounts) then a failure event is recorded.

    This is an information event and no user action is required.

    4724(S, F): An attempt was made to reset an account's password. https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4724

    ---------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--


  2. answered 2022-06-28T17:00:53.213+00:00
    MotoX80 23,471 Reputation points

    Don't use "net user", use Powershell and trap the error. Do something to alert an admin that the password change failed.

    $user = 'testuser'  
    $pswd = ConvertTo-SecureString -String "1234" -AsPlainText -Force   
    try {  
        Set-LocalUser $user -Password $pswd -ErrorAction Stop  
    } catch  {  
        "Password update failed!"  
        $_.Exception  
        "Do something here to notify someone."  
    }  
      
    
    No comments