Symantec Privileged Access Management

Tech Tip - CA PAM - Windows Proxy error 2221_NERR_UserNotFound

  • 1.  Tech Tip - CA PAM - Windows Proxy error 2221_NERR_UserNotFound

    Broadcom Employee
    Posted Jan 11, 2018 04:42 PM

    Troubleshooting Windows Proxy error 2221_NERR_UserNotFound.

     

    This can be a misleading message from Windows, caused by any of the following:

    We may receive that error when updating a local account with ‘account can change own password’, and even though the error says ‘user not found’, the problem really was that the password policy was violated.

    For example, changing a password when the system’s password policy doesn’t allow the password to be changed more than once a day, or trying to recycle an old password when the password policy does not allow re-use of an old password.

     

    Check all the obvious problems, the account running the proxy has to have the correct permissions to update the password, but also check the settings on the target machine for minimum password age, and so on.

     

    Another issue we have seen is that local accounts might not be allowed to change their own password according to company policy.  In this case you have to use proxy credentials to change the password, and make sure that the account running the proxy is a member of the Local Administrators group on the target machine.