Not able to change the Domain admin password.

Posted on 2007-10-13
Last Modified: 2012-06-27

I get this...

Active Directory
Windows cannot complete the password change for Administrator because:

The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.


I even tried going to gpedit.msc > Computers configuration...But all the password policy are disabled...

Question by:bsharath
    LVL 1

    Assisted Solution

    Have you tried to have at least one Capital letter, one lowercase letter, one number and at least 8 chars?
    e.g: HELLOuni12345

    LVL 11

    Author Comment

    Ya some thing like that works out but why are the options disabled...
    I want to change the password policy but all look disabled..
    LVL 1

    Expert Comment

    I'm not sure.
    Is the server a domain controller?
    I.e: are you changing a local administrator password or the network administrator password?
    LVL 11

    Author Comment

    I just tried creating a user.Even for which i get the same message...
    LVL 5

    Assisted Solution

    After you ran gpedit if you either reboot the system so the permissions updated or did you run
    gpupdate /force

    This is make those policy change take effect insistently then you should be able to do what you are trying to do.  

    Just to make sure when you are in gpedit you need to go to Computer Configuration, then Windows Settings, then Security Settings, then Password Policy, then you can disable all the password complexity, the max age, min age, length....

    Just make sure you run gpupdate /force from a command prompt to force those changes to happen right  then.
    LVL 58

    Accepted Solution

    gpedit.msc only edits the local computer group policy. You should also run rsop.msc and look in the same location (Password Policy) to see if anything is set there. You may find that there is a domain-wide Group Policy object which enforces complexity in passwords, in which case it will show up in rsop.msc along with the policy defining it. If so, go to a DC and edit that object to disable the setting, run gpupdate /force then try again.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
    On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now