?
Solved

when password doesnt changed even when meeting the policy whats the issue

Posted on 2012-12-31
8
Medium Priority
?
318 Views
Last Modified: 2013-01-14
had to change a users password today, but no matter what combination the user cannot change his password again. checked the gpo and nothing to stop him
0
Comment
Question by:ID10Tz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 13

Expert Comment

by:Alexios
ID: 38732722
Hello
Did you select the option for changing password through Active Directory or via GPO?
0
 

Expert Comment

by:stoehrer
ID: 38732732
I have had this happen to me a couple of times.  When you reset the user's password, the system sees that as the user changed their password and you will need to wait until the Minimum Password age expires.  For example in my environment, we have a minimum password age of 14 days.  If I reset a user's password, I would need to wait two weeks until the user can change his own password.

As I see it, you have a couple of options here:

1) Remove the Minimum Password age from your policy.  Which is something that I do not recommend.

2) When you reset a user's password get in the habbit of selecting the option "User must change password at next logon".  This seems to override the minimum password age requirement.  The user will  need to change their password to something else.

Hope this helps

Rob
0
 
LVL 1

Author Comment

by:ID10Tz
ID: 38732845
Now when user tries to change password I get:

"Unable to update the password. The value provided for the new password does not meet the length, complexity, or history of the domain"
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 13

Expert Comment

by:Alexios
ID: 38732874
To meet the policy your password MUST,

1. Passwords cannot contain the user's account name or parts of the user's full name that exceed two consecutive characters.

2. Passwords must be at least six characters in length

3. Passwords must contain characters from THREE of the following four categories:

    English uppercase characters (A through Z).
    English lowercase characters (a through z).
    Base 10 digits (0 through 9).
    Non-alphabetic characters (for example, !, $, #, %).
0
 
LVL 1

Author Comment

by:ID10Tz
ID: 38732948
minimum password age requirement is not enforced
0
 
LVL 6

Accepted Solution

by:
emadallan earned 2000 total points
ID: 38733568
pleasee verify that your users had the ability to change their passwords, on the property of each user, on the account tab, under account option verify that user can not change his password is not checked.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38734800
can you post your password policy snapshot
0
 
LVL 4

Expert Comment

by:palicos
ID: 38736130
Refer to these link. They will help you.

http://technet.microsoft.com/en-us/library/cc782255(v=ws.10).aspx

https://kb.wisc.edu/ams/page.php?id=8831

http://www.youtube.com/watch?v=6SBgDDoE2CU

Resetting with Power shell scripts

http://blogs.technet.com/b/heyscriptingguy/archive/2010/08/17/how-to-change-a-user-s-active-directory-password-with-powershell.aspx

Else download a free version 3rd party tool. This tool will allow you to change and reset the password with just simple clicks. But this is freeware on the limitation on the numbers of user. Try it out

http://www.lepide.com/active-directory-self-service.html

Hope it helps for you
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses
Course of the Month14 days, 12 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question