?
Solved

Changing password policy in active directory

Posted on 2008-06-17
5
Medium Priority
?
562 Views
Last Modified: 2011-10-19
I cannot change the policy of the complexity of the users password.
I have checked all the policy in the active directory and disabled all the related policy also on the local domain policy.
Still users have password complexity and they are asked to change their password frequently.
I also have difficulties on applying other policies from active directory , any thing i am missing?
0
Comment
Question by:haftrine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 21801971
To answer this, I'll need a little more info on how things are set up...

Are you using the Default Domain Policy to edit these settings? If so, is this policy definitely linked at the domain level or a root OU of some kind? Perhaps a screenshot of your GPMC with everything expanded would answer this... :)

And remember that the password complexity just defines how complex a users password has to be, not the length of time before they need to reset it... That is set by the Maximum Password Age settings under computer configuration > Windows Settings > Security Settings > Account Policies/Password Policy.

Pete
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 21802064
Account policies are defined in GPO on domain level. Changes will take effect the next time the users change their password.

As you also have problems with applying other policies, it can be a replication problem. Do you get any errors in output from netdiag run on DCs?
0
 

Author Comment

by:haftrine
ID: 21803739
I am using GPMC, the Ntediag only give error in WINS that is missing, other than that everything is ok.
I have also check DCDiag everything passed too.
I have removed all the policies as i am defining new ones, still when i try to change my password it gives me the necessity to be complex although i did disable all the options related to it in the domain policy.
0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 21803970
But is the domain policy linked to the domain in the GPMC?

Simply creating the policy is not enough, you need to link it to your domain first.

One way to test is log on to one of the PCs, and run gpresult from a command prompt - This will tell you what policies are applying to that PC and the user you are logged on with. You can post the results of gpresult back here if you're not sure what it means...

Pete
0
 
LVL 19

Accepted Solution

by:
PeteJThomas earned 375 total points
ID: 21804020
Just to be clearer about the linking, you can see in the screenshot I've attached that the default domain policy is linked to the domain through the sort of shortcut icon the red arrow is pointing to... Yours should also look similar!
GPMC.JPG
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question