Using [net user administrator "passwd@" ] to change the password, there is a probability that the password change will fail

xujiaxing 1 Reputation point
2022-06-28T02:54:48.757+00:00

The super managed user uses net user administrator "passwd@" to change the password. There is a probability that the password change will fail. The event viewer records 4724 events, and the change time is not updated through net user administrator. Login with old password succeeded, but login with new password failed
215479-213575-image.png

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,425 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Limitless Technology 39,506 Reputation points
    2022-06-28T15:44:14.097+00:00

    Hi there,

    Can you see any other event ID ?

    Event ID 4724 is generated every time an account attempts to reset the password for another account (both user and computer accounts). If the new password fails to meet the domain password policy (or local password policy in local user accounts) then a failure event is recorded.

    This is an information event and no user action is required.

    4724(S, F): An attempt was made to reset an account's password. https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4724

    ---------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--


  2. MotoX80 32,566 Reputation points
    2022-06-28T17:00:53.213+00:00

    Don't use "net user", use Powershell and trap the error. Do something to alert an admin that the password change failed.

    $user = 'testuser'  
    $pswd = ConvertTo-SecureString -String "1234" -AsPlainText -Force   
    try {  
        Set-LocalUser $user -Password $pswd -ErrorAction Stop  
    } catch  {  
        "Password update failed!"  
        $_.Exception  
        "Do something here to notify someone."  
    }  
      
    
    0 comments No comments