I created a GPO at the Domain Level that enforced Password Complexity Requirements. Subsequently, when users were required to change their passwords, the GPO was applied. The users kept getting an error message stating that password did not meet the complexity requirements, EVEN THOUGH THE PASSWORD DID MEET THE COMPLEXITY REQUIREMENTS. I eventually removed the GPO because this was causing much frustration on both mine and the users.
But users are STILL being provided the same error message, with the GPO removed.
I checked the only existing GPOs, which are the Default Domain Policy and the Default Domain Controllers Policy, but the Complexity Requirements have been disabled on both policies.
To take it one step further, some users are being told that their password is not at least 8 characters long, even though it is!!!
There are no Local Policies that Block Inheritance, etc.