RefusePasswordChange
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
| Data type | Range | Default value |
|---|---|---|
REG_DWORD |
0 | 1 |
0 |
Description
Prevents a domain controller from accepting requests from workstations to change their computer account passwords.
By default, Windows XP Professional systems automatically request a change to their computer account passwords at regular intervals (as specified in the value of the MaximumPasswordAge entry). To direct the system to reject these changes each time they arrive, set the value of RefusePasswordChange to 1.
| Value | Meaning |
|---|---|
0 |
Accept changes to workstation computer account passwords. |
1 |
Reject changes to workstation computer account passwords. |
This entry does not exist in the registry by default. You can add it by using the registry editor Regedit.exe.
Tip
- To prevent a workstation from sending a password change to the domain controller, set the value of the DisablePasswordChange entry to 1.
Caution
- Disabling automatic password changes can make the system more vulnerable to malicious access. Frequent password changes can be a significant safeguard for your system.