Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Can’t change password on Windows Server 2008.
Can’t change password on Windows Server 2008. [message #409886] Thu, 11 March 2010 09:54 Go to next message
Piotr  is currently offline Piotr
Messages: 19
Registered: August 2009
Junior Member
Hi,
Could you help me to fix following issue please? I can’t find any solution.
I tried to change password when I’m logged over RDP (CTRL+ALT+END) to
Windows Server 2008 and whatever I do I’m getting error: “Unable to update
the password. The value provided for the new password does not meet the
length, complexity, or history requirements of the domain.”
But unfortunately it meets…..

So basically I run Result Set of Policy Wizard for the user and got:
Enforce password history 24 passwords remembered
Maximum password age Not Defined
Maximum password age Not Defined
Maximum password length 9 characters
Password must meet complexity requirements Enabled

And I’m using password like: Dkj%4fdd8 or DJfkj%43*432 so they obviously
meet rules (I tried even 25 chars). I also tried to change GPO and disabled
complexity and changed length – no luck.

As I completely built Server and AD I’m sure there is nothing unusual in
configuration. I also tried to reboot DC, login using couple of different
users, use different machines – no luck. Whatever I do I’m getting the same
error message for all users.

However I can change the password on Active Directory Users and Computer
without any problems. It even prompts me when password doesn’t meet
complexity requirements but if meet, it changes successfully.
I have Windows Server 2008 SP2 – up to date.

Has somebody had similar issue? Please help me as I almost lost hope…..
Re: Can’t change password on Windows Server 2008. [message #409909 is a reply to message #409886] Thu, 11 March 2010 10:14 Go to previous messageGo to next message
Santhosh Sivarajan  is currently offline Santhosh Sivarajan
Messages: 110
Registered: July 2009
Senior Member
When "Password must meet complexity requirements Enabled" policy setting is
enabled, users must create strong passwords to meet the following minimum
requirements:

Passwords cannot contain the user's account name or parts of the user's full
name that exceed two consecutive characters.
Passwords must be at least six characters in length.
Passwords must contain characters from three of the following four
categories:
English uppercase characters (A through Z).
English lowercase characters (a through z).
Base 10 digits (0 through 9).
Non-alphabetic characters (for example, !, $, #, %).

Make sure your password doesn't contain "the user's account name or parts of
the user's full name that exceed two consecutive characters"


--
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
Houston, TX
http://blogs.sivarajan.com/
http://publications.sivarajan.com/

This posting is provided "AS IS" with no warranties, and confers no rights.


"Piotr" <Piotr@discussions.microsoft.com> wrote in message
news:90D0DAEC-BC6B-4C91-9B81-4FB70B89AE46@microsoft.com...
> Hi,
> Could you help me to fix following issue please? I can’t find any
> solution.
> I tried to change password when I’m logged over RDP (CTRL+ALT+END) to
> Windows Server 2008 and whatever I do I’m getting error: “Unable to update
> the password. The value provided for the new password does not meet the
> length, complexity, or history requirements of the domain.”
> But unfortunately it meets…..
>
> So basically I run Result Set of Policy Wizard for the user and got:
> Enforce password history 24 passwords remembered
> Maximum password age Not Defined
> Maximum password age Not Defined
> Maximum password length 9 characters
> Password must meet complexity requirements Enabled
>
> And I’m using password like: Dkj%4fdd8 or DJfkj%43*432 so they obviously
> meet rules (I tried even 25 chars). I also tried to change GPO and
> disabled
> complexity and changed length – no luck.
>
> As I completely built Server and AD I’m sure there is nothing unusual in
> configuration. I also tried to reboot DC, login using couple of different
> users, use different machines – no luck. Whatever I do I’m getting the
> same
> error message for all users.
>
> However I can change the password on Active Directory Users and Computer
> without any problems. It even prompts me when password doesn’t meet
> complexity requirements but if meet, it changes successfully.
> I have Windows Server 2008 SP2 – up to date.
>
> Has somebody had similar issue? Please help me as I almost lost hope…..
>
Re: Can't change password on Windows Server 2008. [message #409933 is a reply to message #409886] Thu, 11 March 2010 11:02 Go to previous messageGo to next message
KevinJ.SBS  is currently offline KevinJ.SBS  United States
Messages: 653
Registered: July 2009
Senior Member
Piotr wrote:
> Hi,
> Could you help me to fix following issue please? I can't find any
> solution. I tried to change password when I'm logged over RDP
> (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm getting
> error: "Unable to update the password. The value provided for the new
> password does not meet the length, complexity, or history
> requirements of the domain."
> But unfortunately it meets...
>
> So basically I run Result Set of Policy Wizard for the user and got:
> Enforce password history 24 passwords remembered
> Maximum password age Not Defined
> Maximum password age Not Defined
> Maximum password length 9 characters
> Password must meet complexity requirements Enabled
>
> And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
> obviously meet rules (I tried even 25 chars). I also tried to change
> GPO and disabled complexity and changed length - no luck.
>
> As I completely built Server and AD I'm sure there is nothing unusual
> in configuration. I also tried to reboot DC, login using couple of
> different users, use different machines - no luck. Whatever I do I'm
> getting the same error message for all users.
>
> However I can change the password on Active Directory Users and
> Computer without any problems. It even prompts me when password
> doesn't meet complexity requirements but if meet, it changes
> successfully.
> I have Windows Server 2008 SP2 - up to date.
>
> Has somebody had similar issue? Please help me as I almost lost
> hope...

Besides the domain password policy, your user account *may be* subject to a
Fine Grained Password Policy setting (PSO) that I believe won't show up in
an RSOP.

Also (and more likely), Server 2008 "complexity" definitions now include
consecutive characters from the display name and account name
(Samaccountname) - What is the username and displayname of the account you
are having this problem with?



--
/kj
Re: Can’t change password on Windows Server 2008. [message #409975 is a reply to message #409909] Thu, 11 March 2010 11:57 Go to previous messageGo to next message
Piotr  is currently offline Piotr
Messages: 19
Registered: August 2009
Junior Member
Hi Santhosh,

Many thanks for your reply.

Unfortunately solution is not as easy. I'm sure my passwords meet all rules
in domain. It is enought complex, long, doesn't contain user name and is not
recorded in history. I used even random leters, numbers a chars and no result.

"Santhosh Sivarajan" wrote:

> When "Password must meet complexity requirements Enabled" policy setting is
> enabled, users must create strong passwords to meet the following minimum
> requirements:
>
> Passwords cannot contain the user's account name or parts of the user's full
> name that exceed two consecutive characters.
> Passwords must be at least six characters in length.
> Passwords must contain characters from three of the following four
> categories:
> English uppercase characters (A through Z).
> English lowercase characters (a through z).
> Base 10 digits (0 through 9).
> Non-alphabetic characters (for example, !, $, #, %).
>
> Make sure your password doesn't contain "the user's account name or parts of
> the user's full name that exceed two consecutive characters"
>
>
> --
> Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
> Houston, TX
> http://blogs.sivarajan.com/
> http://publications.sivarajan.com/
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> "Piotr" <Piotr@discussions.microsoft.com> wrote in message
> news:90D0DAEC-BC6B-4C91-9B81-4FB70B89AE46@microsoft.com...
> > Hi,
> > Could you help me to fix following issue please? I can’t find any
> > solution.
> > I tried to change password when I’m logged over RDP (CTRL+ALT+END) to
> > Windows Server 2008 and whatever I do I’m getting error: “Unable to update
> > the password. The value provided for the new password does not meet the
> > length, complexity, or history requirements of the domain.”
> > But unfortunately it meets…..
> >
> > So basically I run Result Set of Policy Wizard for the user and got:
> > Enforce password history 24 passwords remembered
> > Maximum password age Not Defined
> > Maximum password age Not Defined
> > Maximum password length 9 characters
> > Password must meet complexity requirements Enabled
> >
> > And I’m using password like: Dkj%4fdd8 or DJfkj%43*432 so they obviously
> > meet rules (I tried even 25 chars). I also tried to change GPO and
> > disabled
> > complexity and changed length – no luck.
> >
> > As I completely built Server and AD I’m sure there is nothing unusual in
> > configuration. I also tried to reboot DC, login using couple of different
> > users, use different machines – no luck. Whatever I do I’m getting the
> > same
> > error message for all users.
> >
> > However I can change the password on Active Directory Users and Computer
> > without any problems. It even prompts me when password doesn’t meet
> > complexity requirements but if meet, it changes successfully.
> > I have Windows Server 2008 SP2 – up to date.
> >
> > Has somebody had similar issue? Please help me as I almost lost hope…..
> >
Re: Can't change password on Windows Server 2008. [message #409983 is a reply to message #409933] Thu, 11 March 2010 12:00 Go to previous messageGo to next message
Piotr  is currently offline Piotr
Messages: 19
Registered: August 2009
Junior Member
Hi KJ,

Many thanks for your reply.

As I mentioned before system was created by me and I haven't implemented
Fine Granted Password Policy as one rule for my domain was enought.

This issue is realy strange. In last two years I installed around 20 systems
and never met something like that before...

"kj [SBS MVP]" wrote:

> Piotr wrote:
> > Hi,
> > Could you help me to fix following issue please? I can't find any
> > solution. I tried to change password when I'm logged over RDP
> > (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm getting
> > error: "Unable to update the password. The value provided for the new
> > password does not meet the length, complexity, or history
> > requirements of the domain."
> > But unfortunately it meets...
> >
> > So basically I run Result Set of Policy Wizard for the user and got:
> > Enforce password history 24 passwords remembered
> > Maximum password age Not Defined
> > Maximum password age Not Defined
> > Maximum password length 9 characters
> > Password must meet complexity requirements Enabled
> >
> > And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
> > obviously meet rules (I tried even 25 chars). I also tried to change
> > GPO and disabled complexity and changed length - no luck.
> >
> > As I completely built Server and AD I'm sure there is nothing unusual
> > in configuration. I also tried to reboot DC, login using couple of
> > different users, use different machines - no luck. Whatever I do I'm
> > getting the same error message for all users.
> >
> > However I can change the password on Active Directory Users and
> > Computer without any problems. It even prompts me when password
> > doesn't meet complexity requirements but if meet, it changes
> > successfully.
> > I have Windows Server 2008 SP2 - up to date.
> >
> > Has somebody had similar issue? Please help me as I almost lost
> > hope...
>
> Besides the domain password policy, your user account *may be* subject to a
> Fine Grained Password Policy setting (PSO) that I believe won't show up in
> an RSOP.
>
> Also (and more likely), Server 2008 "complexity" definitions now include
> consecutive characters from the display name and account name
> (Samaccountname) - What is the username and displayname of the account you
> are having this problem with?
>
>
>
> --
> /kj
>
>
> .
>
Re: Can't change password on Windows Server 2008. [message #409993 is a reply to message #409983] Thu, 11 March 2010 12:13 Go to previous messageGo to next message
KevinJ.SBS  is currently offline KevinJ.SBS  United States
Messages: 653
Registered: July 2009
Senior Member
Piotr wrote:
> Hi KJ,
>
> Many thanks for your reply.
>
> As I mentioned before system was created by me and I haven't
> implemented Fine Granted Password Policy as one rule for my domain
> was enought.
>
> This issue is realy strange. In last two years I installed around 20
> systems and never met something like that before...

>> Maximum password length 9 characters

*Maximum password length* ? Huh :)



At one time there was a problem with minimum password age as undefined
instead of 0 or some other setting - but I though that was fixed.




>
> "kj [SBS MVP]" wrote:
>
>> Piotr wrote:
>>> Hi,
>>> Could you help me to fix following issue please? I can't find any
>>> solution. I tried to change password when I'm logged over RDP
>>> (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm getting
>>> error: "Unable to update the password. The value provided for the
>>> new password does not meet the length, complexity, or history
>>> requirements of the domain."
>>> But unfortunately it meets...
>>>
>>> So basically I run Result Set of Policy Wizard for the user and got:
>>> Enforce password history 24 passwords remembered
>>> Maximum password age Not Defined
>>> Maximum password age Not Defined
>>> Maximum password length 9 characters
>>> Password must meet complexity requirements Enabled
>>>
>>> And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
>>> obviously meet rules (I tried even 25 chars). I also tried to change
>>> GPO and disabled complexity and changed length - no luck.
>>>
>>> As I completely built Server and AD I'm sure there is nothing
>>> unusual in configuration. I also tried to reboot DC, login using
>>> couple of different users, use different machines - no luck.
>>> Whatever I do I'm getting the same error message for all users.
>>>
>>> However I can change the password on Active Directory Users and
>>> Computer without any problems. It even prompts me when password
>>> doesn't meet complexity requirements but if meet, it changes
>>> successfully.
>>> I have Windows Server 2008 SP2 - up to date.
>>>
>>> Has somebody had similar issue? Please help me as I almost lost
>>> hope...
>>
>> Besides the domain password policy, your user account *may be*
>> subject to a Fine Grained Password Policy setting (PSO) that I
>> believe won't show up in an RSOP.
>>
>> Also (and more likely), Server 2008 "complexity" definitions now
>> include consecutive characters from the display name and account name
>> (Samaccountname) - What is the username and displayname of the
>> account you are having this problem with?
>>
>>
>>
>> --
>> /kj
>>
>>
>> .

--
/kj
Re: Can't change password on Windows Server 2008. [message #410105 is a reply to message #409993] Thu, 11 March 2010 14:28 Go to previous messageGo to next message
Piotr  is currently offline Piotr
Messages: 19
Registered: August 2009
Junior Member
You saved my life :-)

FYI it is not fixed, I defined min and max password age to 0 and it started
to work…

Thanks a lot!


"kj [SBS MVP]" wrote:

> Piotr wrote:
> > Hi KJ,
> >
> > Many thanks for your reply.
> >
> > As I mentioned before system was created by me and I haven't
> > implemented Fine Granted Password Policy as one rule for my domain
> > was enought.
> >
> > This issue is realy strange. In last two years I installed around 20
> > systems and never met something like that before...
>
> >> Maximum password length 9 characters
>
> *Maximum password length* ? Huh :)
>
>
>
> At one time there was a problem with minimum password age as undefined
> instead of 0 or some other setting - but I though that was fixed.
>
>
>
>
> >
> > "kj [SBS MVP]" wrote:
> >
> >> Piotr wrote:
> >>> Hi,
> >>> Could you help me to fix following issue please? I can't find any
> >>> solution. I tried to change password when I'm logged over RDP
> >>> (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm getting
> >>> error: "Unable to update the password. The value provided for the
> >>> new password does not meet the length, complexity, or history
> >>> requirements of the domain."
> >>> But unfortunately it meets...
> >>>
> >>> So basically I run Result Set of Policy Wizard for the user and got:
> >>> Enforce password history 24 passwords remembered
> >>> Maximum password age Not Defined
> >>> Maximum password age Not Defined
> >>> Maximum password length 9 characters
> >>> Password must meet complexity requirements Enabled
> >>>
> >>> And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
> >>> obviously meet rules (I tried even 25 chars). I also tried to change
> >>> GPO and disabled complexity and changed length - no luck.
> >>>
> >>> As I completely built Server and AD I'm sure there is nothing
> >>> unusual in configuration. I also tried to reboot DC, login using
> >>> couple of different users, use different machines - no luck.
> >>> Whatever I do I'm getting the same error message for all users.
> >>>
> >>> However I can change the password on Active Directory Users and
> >>> Computer without any problems. It even prompts me when password
> >>> doesn't meet complexity requirements but if meet, it changes
> >>> successfully.
> >>> I have Windows Server 2008 SP2 - up to date.
> >>>
> >>> Has somebody had similar issue? Please help me as I almost lost
> >>> hope...
> >>
> >> Besides the domain password policy, your user account *may be*
> >> subject to a Fine Grained Password Policy setting (PSO) that I
> >> believe won't show up in an RSOP.
> >>
> >> Also (and more likely), Server 2008 "complexity" definitions now
> >> include consecutive characters from the display name and account name
> >> (Samaccountname) - What is the username and displayname of the
> >> account you are having this problem with?
> >>
> >>
> >>
> >> --
> >> /kj
> >>
> >>
> >> .
>
> --
> /kj
>
>
> .
>
Re: Can't change password on Windows Server 2008. [message #410106 is a reply to message #410105] Thu, 11 March 2010 14:34 Go to previous messageGo to next message
KevinJ.SBS  is currently offline KevinJ.SBS  United States
Messages: 653
Registered: July 2009
Senior Member
Piotr wrote:
> You saved my life :-)
>
> FYI it is not fixed, I defined min and max password age to 0 and it
> started to work.
>
> Thanks a lot!
>

Pleased to be of help.

/kj ( today "the blind squirrel" )

>
> "kj [SBS MVP]" wrote:
>
>> Piotr wrote:
>>> Hi KJ,
>>>
>>> Many thanks for your reply.
>>>
>>> As I mentioned before system was created by me and I haven't
>>> implemented Fine Granted Password Policy as one rule for my domain
>>> was enought.
>>>
>>> This issue is realy strange. In last two years I installed around 20
>>> systems and never met something like that before...
>>
>>>> Maximum password length 9 characters
>>
>> *Maximum password length* ? Huh :)
>>
>>
>>
>> At one time there was a problem with minimum password age as
>> undefined instead of 0 or some other setting - but I though that was
>> fixed.
>>
>>
>>
>>
>>>
>>> "kj [SBS MVP]" wrote:
>>>
>>>> Piotr wrote:
>>>>> Hi,
>>>>> Could you help me to fix following issue please? I can't find any
>>>>> solution. I tried to change password when I'm logged over RDP
>>>>> (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm
>>>>> getting error: "Unable to update the password. The value provided
>>>>> for the new password does not meet the length, complexity, or
>>>>> history requirements of the domain."
>>>>> But unfortunately it meets...
>>>>>
>>>>> So basically I run Result Set of Policy Wizard for the user and
>>>>> got: Enforce password history 24 passwords remembered
>>>>> Maximum password age Not Defined
>>>>> Maximum password age Not Defined
>>>>> Maximum password length 9 characters
>>>>> Password must meet complexity requirements Enabled
>>>>>
>>>>> And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
>>>>> obviously meet rules (I tried even 25 chars). I also tried to
>>>>> change GPO and disabled complexity and changed length - no luck.
>>>>>
>>>>> As I completely built Server and AD I'm sure there is nothing
>>>>> unusual in configuration. I also tried to reboot DC, login using
>>>>> couple of different users, use different machines - no luck.
>>>>> Whatever I do I'm getting the same error message for all users.
>>>>>
>>>>> However I can change the password on Active Directory Users and
>>>>> Computer without any problems. It even prompts me when password
>>>>> doesn't meet complexity requirements but if meet, it changes
>>>>> successfully.
>>>>> I have Windows Server 2008 SP2 - up to date.
>>>>>
>>>>> Has somebody had similar issue? Please help me as I almost lost
>>>>> hope...
>>>>
>>>> Besides the domain password policy, your user account *may be*
>>>> subject to a Fine Grained Password Policy setting (PSO) that I
>>>> believe won't show up in an RSOP.
>>>>
>>>> Also (and more likely), Server 2008 "complexity" definitions now
>>>> include consecutive characters from the display name and account
>>>> name (Samaccountname) - What is the username and displayname of the
>>>> account you are having this problem with?
>>>>
>>>>
>>>>
>>>> --
>>>> /kj
>>>>
>>>>
>>>> .
>>
>> --
>> /kj
>>
>>
>> .

--
/kj
Re: Can't change password on Windows Server 2008. [message #410118 is a reply to message #410105] Thu, 11 March 2010 15:01 Go to previous messageGo to next message
Santhosh Sivarajan  is currently offline Santhosh Sivarajan
Messages: 110
Registered: July 2009
Senior Member
wow!. good catch KJ...

--
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
Houston, TX
http://blogs.sivarajan.com/
http://publications.sivarajan.com/

This posting is provided "AS IS" with no warranties, and confers no rights.


"Piotr" <Piotr@discussions.microsoft.com> wrote in message
news:B0E12CDC-385B-448C-9FC5-8B7F93A3FD3A@microsoft.com...
> You saved my life :-)
>
> FYI it is not fixed, I defined min and max password age to 0 and it
> started
> to work…
>
> Thanks a lot!
>
>
> "kj [SBS MVP]" wrote:
>
>> Piotr wrote:
>> > Hi KJ,
>> >
>> > Many thanks for your reply.
>> >
>> > As I mentioned before system was created by me and I haven't
>> > implemented Fine Granted Password Policy as one rule for my domain
>> > was enought.
>> >
>> > This issue is realy strange. In last two years I installed around 20
>> > systems and never met something like that before...
>>
>> >> Maximum password length 9 characters
>>
>> *Maximum password length* ? Huh :)
>>
>>
>>
>> At one time there was a problem with minimum password age as undefined
>> instead of 0 or some other setting - but I though that was fixed.
>>
>>
>>
>>
>> >
>> > "kj [SBS MVP]" wrote:
>> >
>> >> Piotr wrote:
>> >>> Hi,
>> >>> Could you help me to fix following issue please? I can't find any
>> >>> solution. I tried to change password when I'm logged over RDP
>> >>> (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm getting
>> >>> error: "Unable to update the password. The value provided for the
>> >>> new password does not meet the length, complexity, or history
>> >>> requirements of the domain."
>> >>> But unfortunately it meets...
>> >>>
>> >>> So basically I run Result Set of Policy Wizard for the user and got:
>> >>> Enforce password history 24 passwords remembered
>> >>> Maximum password age Not Defined
>> >>> Maximum password age Not Defined
>> >>> Maximum password length 9 characters
>> >>> Password must meet complexity requirements Enabled
>> >>>
>> >>> And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
>> >>> obviously meet rules (I tried even 25 chars). I also tried to change
>> >>> GPO and disabled complexity and changed length - no luck.
>> >>>
>> >>> As I completely built Server and AD I'm sure there is nothing
>> >>> unusual in configuration. I also tried to reboot DC, login using
>> >>> couple of different users, use different machines - no luck.
>> >>> Whatever I do I'm getting the same error message for all users.
>> >>>
>> >>> However I can change the password on Active Directory Users and
>> >>> Computer without any problems. It even prompts me when password
>> >>> doesn't meet complexity requirements but if meet, it changes
>> >>> successfully.
>> >>> I have Windows Server 2008 SP2 - up to date.
>> >>>
>> >>> Has somebody had similar issue? Please help me as I almost lost
>> >>> hope...
>> >>
>> >> Besides the domain password policy, your user account *may be*
>> >> subject to a Fine Grained Password Policy setting (PSO) that I
>> >> believe won't show up in an RSOP.
>> >>
>> >> Also (and more likely), Server 2008 "complexity" definitions now
>> >> include consecutive characters from the display name and account name
>> >> (Samaccountname) - What is the username and displayname of the
>> >> account you are having this problem with?
>> >>
>> >>
>> >>
>> >> --
>> >> /kj
>> >>
>> >>
>> >> .
>>
>> --
>> /kj
>>
>>
>> .
>>
Re: Can't change password on Windows Server 2008. [message #410133 is a reply to message #410105] Thu, 11 March 2010 15:15 Go to previous message
Santhosh Sivarajan  is currently offline Santhosh Sivarajan
Messages: 110
Registered: July 2009
Senior Member
What version of SP are you running?

--
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
Houston, TX
http://blogs.sivarajan.com/
http://publications.sivarajan.com/

This posting is provided "AS IS" with no warranties, and confers no rights.


"Piotr" <Piotr@discussions.microsoft.com> wrote in message
news:B0E12CDC-385B-448C-9FC5-8B7F93A3FD3A@microsoft.com...
> You saved my life :-)
>
> FYI it is not fixed, I defined min and max password age to 0 and it
> started
> to work…
>
> Thanks a lot!
>
>
> "kj [SBS MVP]" wrote:
>
>> Piotr wrote:
>> > Hi KJ,
>> >
>> > Many thanks for your reply.
>> >
>> > As I mentioned before system was created by me and I haven't
>> > implemented Fine Granted Password Policy as one rule for my domain
>> > was enought.
>> >
>> > This issue is realy strange. In last two years I installed around 20
>> > systems and never met something like that before...
>>
>> >> Maximum password length 9 characters
>>
>> *Maximum password length* ? Huh :)
>>
>>
>>
>> At one time there was a problem with minimum password age as undefined
>> instead of 0 or some other setting - but I though that was fixed.
>>
>>
>>
>>
>> >
>> > "kj [SBS MVP]" wrote:
>> >
>> >> Piotr wrote:
>> >>> Hi,
>> >>> Could you help me to fix following issue please? I can't find any
>> >>> solution. I tried to change password when I'm logged over RDP
>> >>> (CTRL+ALT+END) to Windows Server 2008 and whatever I do I'm getting
>> >>> error: "Unable to update the password. The value provided for the
>> >>> new password does not meet the length, complexity, or history
>> >>> requirements of the domain."
>> >>> But unfortunately it meets...
>> >>>
>> >>> So basically I run Result Set of Policy Wizard for the user and got:
>> >>> Enforce password history 24 passwords remembered
>> >>> Maximum password age Not Defined
>> >>> Maximum password age Not Defined
>> >>> Maximum password length 9 characters
>> >>> Password must meet complexity requirements Enabled
>> >>>
>> >>> And I'm using password like: Dkj%4fdd8 or DJfkj%43*432 so they
>> >>> obviously meet rules (I tried even 25 chars). I also tried to change
>> >>> GPO and disabled complexity and changed length - no luck.
>> >>>
>> >>> As I completely built Server and AD I'm sure there is nothing
>> >>> unusual in configuration. I also tried to reboot DC, login using
>> >>> couple of different users, use different machines - no luck.
>> >>> Whatever I do I'm getting the same error message for all users.
>> >>>
>> >>> However I can change the password on Active Directory Users and
>> >>> Computer without any problems. It even prompts me when password
>> >>> doesn't meet complexity requirements but if meet, it changes
>> >>> successfully.
>> >>> I have Windows Server 2008 SP2 - up to date.
>> >>>
>> >>> Has somebody had similar issue? Please help me as I almost lost
>> >>> hope...
>> >>
>> >> Besides the domain password policy, your user account *may be*
>> >> subject to a Fine Grained Password Policy setting (PSO) that I
>> >> believe won't show up in an RSOP.
>> >>
>> >> Also (and more likely), Server 2008 "complexity" definitions now
>> >> include consecutive characters from the display name and account name
>> >> (Samaccountname) - What is the username and displayname of the
>> >> account you are having this problem with?
>> >>
>> >>
>> >>
>> >> --
>> >> /kj
>> >>
>> >>
>> >> .
>>
>> --
>> /kj
>>
>>
>> .
>>
Previous Topic:Default groups and security permissions
Next Topic:question about CA
Goto Forum:
  


Current Time: Tue Jan 16 10:41:15 MST 2018

Total time taken to generate the page: 0.02308 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software