Solved

SBS 2008 GPO Password Policy is not applied

Posted on 2011-02-16
4
869 Views
Last Modified: 2012-08-13
I have updated the password policy under the Default Domain Policy in SBS 2008.  For whatever reason clients cannot change their passwords.

My current policy is as follows
Policy Setting
Enforce password history 0 passwords remembered
Minimum password length 6 characters
Password must meet complexity requirements Enabled
Store passwords using reversible encryption Disabled

When users go to change their password they recieve an error even when the password meets these requirments.  I've tried running gpupdate on the server and the clients but still have the issue.  I've searched through other GPO's and havn't found any conflicting settings.  The only way I can update a password is to manually do it in active directory.
0
Comment
Question by:tc6atim
4 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 34909537
Two thoughts:
What is Minimum password age set to? The password must be older than the minimum in order for the user to be able to change it.
In Active directory under the account tab of the users profile make sure "user cannot change password" is not checked.
0
 
LVL 13

Accepted Solution

by:
connectex earned 400 total points
ID: 34909639
Did you manually change the GPO or do it through the SBS wizard? The SBS Wizard also sets the password need to be changed option on the non-administrator user accounts.
0
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 34909647
make sure that If this policy is enabled, passwords must meet the following

Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
Be at least six characters in length
Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
Complexity requirements are enforced when passwords are changed or created.

Question is are you allowed to use same password which user tried to change too and failed, on active directory to successfully change passwords?

JAN ICT TECH MA CCNA
0
 
LVL 3

Author Closing Comment

by:tc6atim
ID: 34918968
I manually changed the GPO.  When I checked the password policy in the SBS Wizard in reflected those changes but complained that my 6 character lentgh should really be atleast 7.  I appeased the Wizard, it reapplied the settings.  I started getting calls from the users about Outlook asking to trust the autodiscover file from the server which was weird.  I logged in and was meet with a request to update my password.  However I was able to use the same password per my policy setting so all is good now.  Thanks for the help!
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 VPN? 6 73
Group Policies not being applied 12 31
Certificate name mismatch error when starting Outlook 5 24
SBS 2003 RWW Login 3 19
Note: This is the second blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   Every month t…
We need a new way to communicate time sensitive or critical info.   The best part of my role at xMatters is visiting our clients all over the world to learn about how they operate their businesses, share insights that xMatters has gleaned across…
The viewer will learn how to set up a document for the web and print and the recommended PPI for printing.
The viewer will learn how to successfully download and install the SARDU utility on Windows 8, without downloading adware.

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now