So what do we have: Windows Server 2019 as file server in a non-domain setup. Users should be able to change their password remotely from their client PCs without requiring the IT-support. What we've found but is no soultion for us:
Login per RDP and change password: We don't want them to login via RDP on the Server.
Pspasswd https://docs.microsoft.com/en-us/sysinternals/downloads/pspasswd As far as I understand this allows this only with admin credentials. Plus you have to set LocalAccountTokenFilterPolicy to 1 https://support.microsoft.com/en-us/help/947232/error-message-when-you-try-to-access-an-administrative-share-on-a-wind As far as I understand this weakens security, which is also not intended
Then we've found "Remote Desktop Webaccess" https://www.youtube.com/watch?v=0GZAPGwD81I This enables a Website where users can change their password. However this is the totally overkill, since we don't want user access via RDP and in addition this requires additional licenses.
So are there other solutions that allows users to change their password on the FileServer?
Update: According to my collegues they've managed it in the past by enterging the name of the Server in the password change dialog on the client machine. This worked with Windows Server 2008 R2 but doesn't work with Server 2019. There after some seconds of waiting an "access denied" messaged is displayed.
So perhaps this needs just a setting on Server 2019.
Create a custom website which will change the account password locally on the server.