Not able to change password
Hi experts,
Whenever our domain user trying to change password their meachine , they're are geting error message.
UNABLE TO UPDATE THE PASSWORD. THE VALUE PROVIDED FOR THE NEW PASSWORD DOES NOT MEET THE LENGTH, COMPLEXITY, OR HISTORY REQUIREMENT OF THE DOMAIN.
Password GPO Details on our serevr.
24 passwords remembered
42 days max password age
1 day min password age
7 characters Minimum password length
Password must meet complexity requirements (capital letter, small letter and one digit or non-alphabetic, also not more then 3 characters from the username)
Thanks
Whenever our domain user trying to change password their meachine , they're are geting error message.
UNABLE TO UPDATE THE PASSWORD. THE VALUE PROVIDED FOR THE NEW PASSWORD DOES NOT MEET THE LENGTH, COMPLEXITY, OR HISTORY REQUIREMENT OF THE DOMAIN.
Password GPO Details on our serevr.
24 passwords remembered
42 days max password age
1 day min password age
7 characters Minimum password length
Password must meet complexity requirements (capital letter, small letter and one digit or non-alphabetic, also not more then 3 characters from the username)
Thanks
ASKER
hello rishimehta01,
I try the same but, still i am getting the sam error.
Thanks.
I try the same but, still i am getting the sam error.
Thanks.
You can also change the Password complexity requirements in the same GPO details..
If you donot want to change the policy complexity requirement, then try
password@123.
P@ssw0rd
password@123.
P@ssw0rd
ASKER
Hi Naranthiran,
I tryed the same, what i diid.
i disable the passowrd complexity requirement in the same GPO, but still i am getting the sam error message.
I tryed the same, what i diid.
i disable the passowrd complexity requirement in the same GPO, but still i am getting the sam error message.
ASKER
Hi Rishi
Neither of the passwords are working. Is it possible that my GPO is not working fine!!
Do i need to restart my AD-DC server? Will it address the issues?
Neither of the passwords are working. Is it possible that my GPO is not working fine!!
Do i need to restart my AD-DC server? Will it address the issues?
After you change the GP type this in command prompt.
gpupdate/force
gpupdate/force
if you have not restarted the server and you donot want to restart it now....then you can try immediate update...by using command :
gpupdate /force.
gpupdate /force.
ASKER
Hi Rajkumar,
I allready done all the need full, but the issue is still same.
I allready done all the need full, but the issue is still same.
Are you aware that for domain accounts, the correct GPO that controls this is the Default Domain Controllers policy?
A common mistake is to change this in the Default Domain Policy, but this would only configure the password policy used by domain member machines locally - not applicable to domain user accounts, which are authenticated and handled by the Domain Controllers.
A common mistake is to change this in the Default Domain Policy, but this would only configure the password policy used by domain member machines locally - not applicable to domain user accounts, which are authenticated and handled by the Domain Controllers.
Also, to be sure you're aware, if the minimum password age is 1 day (the default), this means that users cannot change their password within 24 hours after it's been changed - it would result in the error message you mentioned. The purpose of this is to prevent users from quickly cycling through enough passwords so they can change back to the original one, in effect defeating the password change policy. Whether you want this option or not depends on your what your users are like - I personally prefer not to have this restriction (set it to 0) but make sure enough previous passwords are remembered. There's probably not many users willing to go through 24 password changes in order to keep using the original password.
This minimum password age restriction does of course not apply to administratively resetting the password.
This minimum password age restriction does of course not apply to administratively resetting the password.
Make sure that the GPO is applied for the default domain policy, nit the default domain controller policy, additionally, you have to check whether the policy is up and running by forcing the policy update either by command (gpupdate)or by restarting the server after policy modification.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
p@ssw0rd