By default using UserPassword method (either through a simple ldif file or something like java) is disabled in Active Directory.
Process #In order to enable the UserPassword method you must change the dsHeuristics  attribute using ADSI edit and set the fuserPassword  method to true.
Right Click ADSI Edit #Right Click ADSI Edit and choose Connect to (note that this is not necessary if adsi was used previously and the connection is already there)
Select Configuration #Choose Select a well known Naming Context of Configuration and Select Default (Domain or server that you are logged into). And click ok
Expand Configuration #Expand Configuration down to Configuration/CN=Configuration,DC=XXX,DC=xxx/CN=Services/CN=Windows NT/CN=Directory Service
Choose Properties #Right Click Directory Service and choose Properties
Scroll to dsHeuristics #Scroll to dsHeuristics and double click it: You need to modify the 9th position and enter a 1. If there was no value in dsHeuristics then enter 000000001 and click ok.
Click Ok #Click Ok to get back to the main editor.
Update Schema Now #Then on the top level Configuration server.domain.org item right click and choose update Schema Now.
Finally #At this point you can connect using SSL and use an LDIF to change the users password
More Information #There might be more information for this subject on one of the following:
- Active Directory and Passwords
- Example - Active Directory Change Password JNDI
- Passwords Using LDIF
- Set Active Directory Password From Java
- Setting and Changing Microsoft Active Directory Passwords