You publish a Web site in Microsoft Internet Security and Acceleration (ISA) Server 2006.
The ISA Server Web listener is configured to use HTML form authentication and to validate user credentials by using the Active Directory directory service.
In the HTML form settings, you configure ISA Server to let users to change their passwords.
You enable the User must change password at next logon property in Active Directory.
You specify an incorrect password on the initial logon page.
Note You are still directed to the Change Password page.
On the Change Password page, you type the correct old password, and then you set a new password.
In this scenario, you cannot change the password. Additionally, you receive the following error message:
You could not be logged on to ISA server. Make sure that your domain name, user name, and password are correct, and then try again.
This problem also occurs when one of the following conditions is true:
You click to select the I want to change my password after logging on check box in the initial forms logon page.
The password has expired. Or, the password has been reset.
To resolve this problem, apply the hotfix rollup package that is described in Microsoft Knowledge Base article 945821. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
945821 Description of the ISA Server 2006 hotfix package: December 5, 2007
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.