We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Can't reset Domain User Account Password

Medium Priority
1,110 Views
Last Modified: 2012-05-11
I am running AD on 2003 servers.  Just added 2 additional DCs running Server 2008 R2.  When I (as a domain admin) attempt to reset users passwords to the previously used password I now get an error 'Failed to reset the password for <User's Full Name>.  The error is: Failed to set the password for the object.  The password does not meet the length, complexity, or history requirement of the domain.  I never had this problem prior adding a couple 2008 DCs to our network.  We have made no changes to group policy password rules since adding the 2 2008 DCs.  Please advise what could be causing this issue.

Thanks,
Mike
Comment
Watch Question

Can you check that the "Password must meet complexity requirements" option under Password Policy in GPO Management is disabled or enabled?

Also, is the password that you are trying to reset it to meet the character length that you have set under "Minimum password length" under Password Policy?

Please make sure that the password is not a previous password as well.

Author

Commented:
Thanks for taking the time to respond.
Password must meet complexity requirements option is enabled.
Minimum password length is 8.  The password meets that requirement.
As I noted in my original post, I am in fact trying to reset the password to a previously used password. In fact it would be their most recent used one.  I have always been able to do this for our users through ADUC as a domain admin prior to installing the 2008 DCs.  I understand doing this violates the 'Enforce password history' setting but it always worked in the past.  My main reason for doing this is to resolve issues for users who might be travelling and have issues with their password.  It's much simpler than changing them to a new password while they are working remotely.    

Thanks,
Mike
Yes it is true that you can bypass the policy to reset the password to an old one from within Server 2003 AD. I believe this stil works with Server 2008 as well.

Does the password that the user was previously using( the one you are trying to reset it to) meet the complexity requirements? Usually this means it will need at least 3 of the following in the password.

English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)

Author

Commented:
It appears to me to satisfy 3 of those requirements.  The password I'm trying to use is Auwrnxpg1 (Exact format but I changed the letters around).
Yep, that looks to be good.

Can you try to reset it to another password just to see if maybe the problem is with using the current password? If it works, then try changing it back to the old password.

Author

Commented:
Hmm, well to keep from hosing an active user I created a test account and set a password.  I then attempted to change the password to the same password I was trying to use from above.  It fails with the same message.  It did allow me to then reset the password back to what I used when I created the test account. So, it appears to have something to do with the choice of password however, the password appears to meet the requirements.  Any ideas?
Well, it seems that it worked with the test account, so maybe change the password to something different for the user account and see if you can then change back, like you did with the test account?

Author

Commented:
Ok, I'll get in touch with the user and give that a try.  May be tomorrow before I can reach him.

Thanks
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Yeah could be, I had not tried it from the new tool.

Author

Commented:
Was able to get around my problem by using ADUC instead of the new Active Directory Administrative Center.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.