Applies ToWindows Server 2012 R2 Datacenter Windows Server 2012 R2 Standard Windows Server 2012 R2 Foundation Windows 8.1 Enterprise Windows 8.1 Pro Windows 8.1 Windows RT 8.1 Windows Server 2012 Datacenter Windows Server 2012 Datacenter Windows Server 2012 Standard Windows Server 2012 Standard Windows Server 2012 Essentials Windows Server 2012 Foundation Windows Server 2012 Foundation Windows Server 2008 R2 Service Pack 1 Windows Server 2008 R2 Datacenter Windows Server 2008 R2 Enterprise Windows Server 2008 R2 Standard Windows Server 2008 R2 Foundation Windows 7 Service Pack 1 Windows 7 Ultimate Windows 7 Enterprise Windows 7 Professional Windows 7 Home Premium Windows 7 Home Basic Windows 7 Starter

This article describes an issue that occurs after you install security update 3126041 on Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows Server 2012, Windows 7 Service Pack 1 (SP1), or Windows Server 2008 R2 SP1. You can fix this issue by using the update rollup that is discussed in this article.

Symptoms

When you change the domain account password by using a 32-bit application on a 64-bit operating system that calls the NetUserChangePassword API, the password change returns an error message that resembles the following:

1326 ERROR_LOGON_FAILURE

Despite the error, your password is changed in Active Directory Domain Services. However, your logon session and cached credentials are not updated. This situation resembles the following:

  • You log on to two computers.

  • You change the password on the first computer.

  • You remain logged on to the second computer by using the old password.

In this situation, you may experience any of the following issues:

  • If you disconnect from the network, you can log on by using the old password only.

  • Your access to resources is denied.

  • You are prompted to enter your password when you access resources.

  • If an Account Lockout policy is active in the domain, the user account is locked out.

This issue persists until you log off the computer on which the password change occurred and then log back on by using the new password. Additionally, if you apply the update that is documented in KB 3139921, the error message is no longer received but these symptoms persist.

Resolution

The fix for this issue was first included in Security update 3153171 for MS16-060 and MS16-061 for Windows Server 2012, Windows Server 2008 R2 SP1, and Windows 7 SP1. This fix is also included in the May 2016 update rollups. Use one of the following update rollups, depending on your operating system:

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References

Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.