When you try to change the password of a user that recently changed its password and the server has the CA Access Control, the change will be denied.

root@solaris:/ # passwd username
CA Access Control sepass v12.0.1.1262 – Password replacement
Copyright (c) 2008 CA. All rights reserved.
Password was changed recently, cannot be changed again at this time.

To force the password change, type the command and change <username> and <password>to the values appropriate to your case

root@solaris:/ # /usr/seos/bin/selang -c “cu <username> pwasown (<password>)”
CA Access Control selang v12.0.1.1262 – CA Access Control command line interpreter
Copyright (c) 2008 CA. All rights reserved.

(localhost)
Successfully updated USER <username>
(localhost)
Native:
===
Successfully updated USER <username>