The "User Cannot change the password" flag for Active Directory Account creation in RSA Identity Governance and Lifecycle does not stop the user from changing their password
Originally Published: 2017-07-26
Article Number
Applies To
Issue
Cause
https://msdn.microsoft.com/en-us/library/aa746398.aspx?f=255&MSPPError=-2147217396
Resolution
To do it in one command, the syntax would be as follows:
Get-ADUser -Identity "<distinguishedName>" | Set-ADUser -CannotChangePassword $True
Related Articles
User Picker ignores Include Terminated User flag in Via Lifecycle and Governance Number of Views RSA Governance & Lifecycle Data Processors: Setting is Disabled flag in REST account collectors Number of Views Creation of an Admin Exceptions Tabular Report fails with 'ORA-01031: insufficient privileges' error in RSA Identity Gover… Number of Views Impact of missing information on creation of Profiles by Risk Engine Number of Views Sun Studio compiler upgrade generates platform flag warnings Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
