Policy
Configure SAM change password RPC methods policy
This policy enables an administrator to configure the remote usage of change user password RPC methods in security account manager(SAM). When the policy is enabled, following options are supported: Block all change password RPC methods: block remote usage of all the security account manager(SAM) change password RPC methods. Allow strong encryption change password RPC method: allow remote use of the change password RPC method which uses strong encryption and blocks remote use of weak encryption methods. Allow all change password RPC methods: allows remote usage of all the change password RPC methods irrespetive of the encryption. Default policy: 1. Domain member computers - block all change password RPC methods. 2. Domain controllers - allow strong encryption change password RPC method. Note: If the policy is disabled or not configured, the machine will use the default policy.
8646856cbd78 SamrChangeUserPasswordApiPolicy Registry
Copy registry mappings
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\SAM\SamrChangeUserPasswordApiPolicyPolicy notes
This policy enables an administrator to configure the remote usage of change user password RPC methods in security account manager(SAM). When the policy is enabled, following options are supported: Block all change password RPC methods: block remote usage of all the security account manager(SAM) change password RPC methods. Allow strong encryption change password RPC method: allow remote use of the change password RPC method which uses strong encryption and blocks remote use of weak encryption methods. Allow all change password RPC methods: allows remote usage of all the change password RPC methods irrespetive of the encryption. Default policy: 1. Domain member computers - block all change password RPC methods. 2. Domain controllers - allow strong encryption change password RPC method. Note: If the policy is disabled or not configured, the machine will use the default policy.