Users using Remote Desktop Protocol (RDP) to connect to Windows Server 2008 R2, Windows Server 2012 R2, Windows 8, and Windows 8.1 remote servers with Network Level Authentication (NLA) enabled users cannot change their expired passwords.  Users see the following error message when connecting to remote servers using their expired passwords:

An authentication error has occurred.
The Local Security Authority cannot be contacted.

The full error is:

To resolve this problem, administrators can enable the password change functionality in RD Web Access. With password change functionality enabled, users are able to change their expired password using RD Web Access.

To enable password change functionality in RD Web Access, refer the Technet Wiki page here. (Note: For Windows Server 2008 R2 refer to this excellent post by Freek Berson.)


See also