Enforcing Windows password policy on SQL accounts : Microsoft, SQL Server 2005 Standard, 2005, cluster, Password validation failed. The password does not meet Windows policy requirements because it is not complex enough. (Microsoft SQL Server, Error: 15118)

May 17, 2008 12:12pm pdt

1. chapmandew 1,139,490
2. angelIII 656,012
3. aneeshat... 347,059
4. ee_rlee 305,823
5. dtodd 190,705
6. brejk 170,605
7. ptjcb 151,519
8. mark_wills 146,165
9. PFrog 98,658
10. acperkins 86,575
11. dqmq 75,630
12. dportas 74,146
13. momi_sabag 71,940
14. maradam 71,186
15. Thomasian 70,100

1. angelIII 1,936,203
2. chapmandew 1,139,490
3. aneeshat... 912,164
4. ptjcb 515,911
5. Yveau 505,473
6. dtodd 401,710
7. PFrog 368,686
8. dqmq 346,978
9. imitchie 324,100
10. ee_rlee 305,823
11. appari 277,897
12. Lowfatsp... 220,339
13. rboyd56 192,515
14. SQL_SERV... 183,215
15. acperkins 181,914

01.17.2008 at 07:45AM PST, ID: 23090487

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.4

Enforcing Windows password policy on SQL accounts

Zones: SQL Server 2005, Windows 2003 Active Directory, Microsoft Applications

Tags: Microsoft, SQL Server 2005 Standard, 2005, cluster, Password validation failed. The password does not meet Windows policy requirements because it is not complex enough. (Microsoft SQL Server, Error: 15118)

I have created several SQL accounts on a SQL 2005 server, enforcing password policy, but not enforcing password expiration or "user must change password at next login."
I did not encounter any errors when setting up these accounts. However, the accounts lock when trying to use these accounts to make connections against the databases.
When I unlock the SQL account and hit ok, I get the following error:
Password validation failed. The password does not meet Windows policy requirements because it is not complex enough. (Microsoft SQL Server, Error: 15118)

In Active Directory Group Policy our password policy is set as follows:
Enforce password history: 10 passwords remembered
Maximum password age: 90 days
Minimum password age: 7 days
Minimum password length: 8 characters
Password must meet complexity requirements: Enabled
Store password using reversible encrption for all users on the domain: Disabled

The same settings are in place on the SQL server's local security settings.

For one SQL account I created, the password was 9 characters long, and contained symbols, numbers, and lower-case letters. The other account was 10 characters long, and contained upper-case letters, lower-case letters, and numbers.
Both passwords meet the password policy defined, and meet Microsoft's password complexity rules.

Can someone explain what I might be doing wrong, or what I'm missing?
Thanks

Start your free trial to view this solution

Question Stats

Zone: Microsoft

Question Asked By: joshsfinn

Solution Provided By: joshsfinn

Participating Experts: 2

Solution Grade: B

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

01.17.2008 at 07:52AM PST, ID: 20682429

Rank: Genius

KCTS:

Try creating a password that is
8 or more characters long
Contains an UPPER CASE letter
Contains a LOWER case letter
Comtains a NUMBER 0-9
Contains a symbol eg @, #, % or !

01.17.2008 at 08:03AM PST, ID: 20682509

joshsfinn:

Microsoft's password complexity requires only 3 of the 4 conditions be met. (http://support.microsoft.com/kb/821425) My own AD account, which is subject to the same password policy, has never contained a symbol, and has never had an issue.
This makes me think the issue is with the SQL applicaiton, not the password.

01.17.2008 at 08:13AM PST, ID: 20682625

Rank: Genius

KCTS:

Humour me - try it.

01.17.2008 at 08:21AM PST, ID: 20682710

joshsfinn:

Same error. I set the password of one of the accounts, meeting all 4 requirements , but when I went back in to check, the account it was locked.
The password is 10 characters, includes a symbol, 6 lower-case letters, 2 numbers, and one upper-case letter.

01.17.2008 at 12:53PM PST, ID: 20685276

joshsfinn:

Ended up opening a case with Microsoft. This is a bug with SP2, and is supposed to be fixed in SP3.
The "password complexity" error only occurs once an account gets locked. The error does not appear when creating the account and setting the password.
The work-around for now, when an account is locked, is to uncheck the "enforce password policy" checkbox and hit ok. Go back in to the account and it should no longer be locked. You can then reapply the password policy enforcement.

Accepted Solution

02.10.2008 at 07:42AM PST, ID: 20861413

Computer101:

A request has been made in Community Support to close this question:
http://www.experts-exchange.com/Q_23142208.html

If there are no objections, a moderator will finalize this question in approximately 4 days as follows:
PAQ with refund using {http:#a20685276}

Please leave any recommendations here.

Computer101
EE Admin

Vee_Mod

02.14.2008 at 04:13PM PST, ID: 20898354

Closed, 500 points refunded.
Vee_Mod
Community Support Moderator

20080236-EE-VQP-29 / EE_QW_2_20070628