ajcanal
asked on
Unable to change user passwords
Hello,
I am using Windows Server 2003 Standard. Lately, whenever I have to change a user password, no matter what I try, it comes back and tells me the password I have entered does not meet the necessary requirements. I have several GPO's and have eliminated any password requirements from all of them, including the Default Domain Policy. The policies are also not linked nor being enforced. I still cannot change the password for an existing user and I cannot create a new user ID and password in existing OU's. I'm in the process of implementing tighter password controls and my users routinely lock themselves out.
Anyone have any ideas on what's going on?
Thanks.....
Armando
I am using Windows Server 2003 Standard. Lately, whenever I have to change a user password, no matter what I try, it comes back and tells me the password I have entered does not meet the necessary requirements. I have several GPO's and have eliminated any password requirements from all of them, including the Default Domain Policy. The policies are also not linked nor being enforced. I still cannot change the password for an existing user and I cannot create a new user ID and password in existing OU's. I'm in the process of implementing tighter password controls and my users routinely lock themselves out.
Anyone have any ideas on what's going on?
Thanks.....
Armando
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
make sure you turn off both policies
Hi
not much to add here, except that if you want a good visibility on what's actually implemented, consider using the RSOP snap-in. Always convenient.
Cheers
not much to add here, except that if you want a good visibility on what's actually implemented, consider using the RSOP snap-in. Always convenient.
Cheers
in continuation to above messages of Jay and Taylor
Start->Programs->Administr ative Tools->Domain Security Policy (Default Domain Security Settings window will be opened)
In this window expand "Account Policies" and Click on "Password Policy" and you will see the options in the right pane.
here double click on "minimum password length" and change it 4 to 0 and then again double click on "Password must meet complexity requirements" and select the radio button "disabled"
close this window open command prompt and type gpupdate.exe and press enter. Now try to change the passwords of the users
Start->Programs->Administr
In this window expand "Account Policies" and Click on "Password Policy" and you will see the options in the right pane.
here double click on "minimum password length" and change it 4 to 0 and then again double click on "Password must meet complexity requirements" and select the radio button "disabled"
close this window open command prompt and type gpupdate.exe and press enter. Now try to change the passwords of the users
ASKER
Folks,
Thank you for your input. I've tried your recommended stepts, reset all settings to "Not Defined" in all GPO's. Nothing seems to work. I'm starting to worry!
Any other ideaas?
Thanks again.
Armando
Thank you for your input. I've tried your recommended stepts, reset all settings to "Not Defined" in all GPO's. Nothing seems to work. I'm starting to worry!
Any other ideaas?
Thanks again.
Armando
you should not make them not defined. you just have to disable them as i told above
I think your in the wrong place make sure you follow the place as above. You dont need to be in group policy. Just local security policy.
Start-->control panel --> administrative tools --> local security policy.
Start-->control panel --> administrative tools --> local security policy.
ASKER
Thanks again guys.
This is a Domain Controller. When Active Directory is implemented the Local Security Policy is replaced by the Domain Controller Security Policy and the Domain Security Policy. The Local Security Policy option dissapears when a machines is promoted to a DC. A gpedit.msc will take me there. Prolem solved.
Thanks.
This is a Domain Controller. When Active Directory is implemented the Local Security Policy is replaced by the Domain Controller Security Policy and the Domain Security Policy. The Local Security Policy option dissapears when a machines is promoted to a DC. A gpedit.msc will take me there. Prolem solved.
Thanks.
no problem
After you do that you wont get the error telling you that your passwords dont meet requirements.
Hope this helps.