diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index a034ff6d77ab1c2f884cc0803a76f1439e886f24..c7625a26f5973ead458bb2de529a86852a581f06 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -513,6 +513,9 @@ class UsersController extends AUserData {
 				break;
 			case 'password':
 				try {
+					if (!$targetUser->canChangePassword()) {
+						throw new OCSException('Setting the password is not supported by the users backend', 103);
+					}
 					$targetUser->setPassword($value);
 				} catch (HintException $e) { // password policy error
 					throw new OCSException($e->getMessage(), 103);
diff --git a/apps/provisioning_api/tests/Controller/UsersControllerTest.php b/apps/provisioning_api/tests/Controller/UsersControllerTest.php
index fcdc68d353b1b35e8600052efc5ac4775abe02b3..c6e0082c4b004408ffaba692ed6013e41f9d495a 100644
--- a/apps/provisioning_api/tests/Controller/UsersControllerTest.php
+++ b/apps/provisioning_api/tests/Controller/UsersControllerTest.php
@@ -1270,6 +1270,10 @@ class UsersControllerTest extends TestCase {
 			->method('get')
 			->with('UserToEdit')
 			->will($this->returnValue($targetUser));
+		$targetUser
+			->expects($this->once())
+			->method('canChangePassword')
+			->will($this->returnValue(true));
 		$targetUser
 			->expects($this->once())
 			->method('setPassword')