3.3.4.1.8.7 Authorization Error
If the client sends a request where the principal contained in the ChangePasswordRequest/AccountDN element does not have the "User-Change-Password" control access right on itself (as described in [MS-ADTS] section 3.1.1.3.1.5), the server MUST return a SOAP fault with a ChangePasswordFault fault subcode. The fault detail SHOULD be as specified in the following table.
|
Field |
Value |
|---|---|
|
[Code] |
soapenv:Receiver |
|
[Subcode] |
ChangePasswordFault |
|
[Action] |
http://schemas.microsoft.com/2008/1/ActiveDirectory/Data/fault |
|
[Reason] |
Active Directory returned an error processing the operation. |
|
[Detail] |
|