Avatar of John Achille
John Achille
Flag for United States of America asked on

when password doesnt changed even when meeting the policy whats the issue

had to change a users password today, but no matter what combination the user cannot change his password again. checked the gpo and nothing to stop him
Active DirectoryWindows Server 2003Windows 7

Avatar of undefined
Last Comment
palicos

8/22/2022 - Mon
Alexios

Hello
Did you select the option for changing password through Active Directory or via GPO?
stoehrer

I have had this happen to me a couple of times.  When you reset the user's password, the system sees that as the user changed their password and you will need to wait until the Minimum Password age expires.  For example in my environment, we have a minimum password age of 14 days.  If I reset a user's password, I would need to wait two weeks until the user can change his own password.

As I see it, you have a couple of options here:

1) Remove the Minimum Password age from your policy.  Which is something that I do not recommend.

2) When you reset a user's password get in the habbit of selecting the option "User must change password at next logon".  This seems to override the minimum password age requirement.  The user will  need to change their password to something else.

Hope this helps

Rob
John Achille

ASKER
Now when user tries to change password I get:

"Unable to update the password. The value provided for the new password does not meet the length, complexity, or history of the domain"
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
Alexios

To meet the policy your password MUST,

1. Passwords cannot contain the user's account name or parts of the user's full name that exceed two consecutive characters.

2. Passwords must be at least six characters in length

3. Passwords must contain characters from THREE of the following four categories:

    English uppercase characters (A through Z).
    English lowercase characters (a through z).
    Base 10 digits (0 through 9).
    Non-alphabetic characters (for example, !, $, #, %).
John Achille

ASKER
minimum password age requirement is not enforced
ASKER CERTIFIED SOLUTION
emadallan

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Sarang Tinguria

can you post your password policy snapshot
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
palicos

Refer to these link. They will help you.

http://technet.microsoft.com/en-us/library/cc782255(v=ws.10).aspx

https://kb.wisc.edu/ams/page.php?id=8831

http://www.youtube.com/watch?v=6SBgDDoE2CU

Resetting with Power shell scripts

http://blogs.technet.com/b/heyscriptingguy/archive/2010/08/17/how-to-change-a-user-s-active-directory-password-with-powershell.aspx

Else download a free version 3rd party tool. This tool will allow you to change and reset the password with just simple clicks. But this is freeware on the limitation on the numbers of user. Try it out

http://www.lepide.com/active-directory-self-service.html

Hope it helps for you