User unable to change password - Active Directory Group Policy
I've seen this issue come up, but no answers seem to be applicable. When a
user tries to change their password using control-alt-delete -> change
password, they're getting a "Unable to update the password. The value
provided for the new password does not meet the length, complexity, or
history requirements of the domain." We've even tried extremely long
complex strings as tests, which also generates the error message. In AD
U&C, I can force the account password to be changed on next logon, which
works successfully.
The applicable security setting is applied at the domain level in the
Default Domain Policy GPO. When I run a gpupdate /force and then view the
RSOP on one of the workstations, I can see the settings below (which are
consistent with the GPO):
Enforce Password History: 2 passwords remembered
Maximum Age: 120 days
Minimum password age: 0 days (this is enabled and set to 0 days in the GPO)
Minimum Length: 6 characters
Password must meet complexity requirements: disabled
Store passwords using reversible encryption: disabled
I've run a dcdiag against our DC's. They pass all tests. Any suggestions
on why this problem might be occurring, or how to rememdy it? Thanks!
No comments:
Post a Comment