When trying to change the Active Directory password of a user via Outlook Web Access (OWA), the following error message may occur on an Exchange 2016 server:
You are not authorized to change your password
The following error message can also occur in this context when changing the password:
The password entered does not meet the minimum security requirements
There can be various reasons for this, the simplest being that the user does not actually have the right to change their own password:
However, this would actually be too easy in most cases. Surprisingly, problems can also occur if the minimum password age is set to one day. The setting can be found in the "Default Domain Policy" in the Active Directory:
The setting means that a user can only change their password every 24 hours. In certain situations, however, Exchange seems to get confused and then also displays one of the above error messages. I have not yet been able to find out why this behavior occurs in some environments and runs without any problems in others. In most cases it has helped to set the minimum password age to 0 days. However, this also means that users can change their password as often as they like. Perhaps this tip will help someone.