New install. When attempting to change password, Windows client users are getting an error message from Netwrix password mgr: "Change password failed. The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you."
Altho it's an Netwix dialog box presenting the error, the text is typical Windows, so I think the text of the error is coming from Windows.
Even tho the error message seems to indicated a failed password change attempt, the password does change on the network. It's the client-side password that doesn't change. That is to say the client can now access network resources using the new password, but if you disconnect the client from the network, you will need the old password to log on to the client. That indicates to me that the client's password cache didn't learn about the password change.
We are trying to roll this product out for remote users to deal with password changes. Therefore they will need to execute password changes from outside the network via the Password Change Manager server. Since the remote users don't normally log into the network, they being remote and all, the password cache on their notebooks needs to be synched with their network password.
My gut feel is that the problem has to do with the remote notebook's password cache not being updated by the Password Manager server. So maybe there's a process not reaching out to the notebook, or the notebook isn't allowing the external process to do what it needs to do.
Turning Kaspersky A/V off didn't change behavior.
Don't see anything interesting in event logs on clients, Netwrix server, nor DCs.
Clients are Win8.1 using https to connect to a Win2k8R2 Password Mgr server. DC's are Win2k8R2.