Aug 20, 2012 07:15 AM|piyushagrawal|LINK
Just giving the permission to the users to change their password wont help. You need to go thorugh the passsword policy entirely. In AD, the in build rule wont allow the user to change the password whenever they want. Instead, some time interval is always
defined. Overriting this can only be done by the Admin. Also you need to look into the security certificate for the same.
Best methode to avoide such situation is to use some third party tool such as
ADSS which will allow the users to reset their password on their own. This will decrease the downtime and will allow the Admin to focus on other important things.