A new KB has been released (2793072) regarding the generic error message you receive when using the change password option in RD Web Access.
“…Assume that you install the Remote Desktop (RD) Web Access role service on a computer that is running Windows Server 2012 or Windows Server 2008 R2. You try to change an expired password on the RD Web Access website by using a new password that does not meet the length, complexity, or history requirements. In this situation, you receive a generic error message that resembles the following:
Your password cannot be changed. Please contact your administrator for assistance…”
“…This issue occurs because Windows does not retrieve the extended error code from the native Lightweight Directory Access Protocol (LDAP) API. Instead, Windows tries to map a generic error code and returns an error message based on the generic code…”
Source and download: http://support.microsoft.com/kb/2793072/en-us?sd=rss&spid=14134