Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Course Of The Month
7 days, 1 hour left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
when password doesnt changed even when meeting the policy whats the issue
Posted on 2012-12-31
had to change a users password today, but no matter what combination the user cannot change his password again. checked the gpo and nothing to stop him
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2-
2
- +3
8 Comments
I have had this happen to me a couple of times. When you reset the user's password, the system sees that as the user changed their password and you will need to wait until the Minimum Password age expires. For example in my environment, we have a minimum password age of 14 days. If I reset a user's password, I would need to wait two weeks until the user can change his own password.
As I see it, you have a couple of options here:
1) Remove the Minimum Password age from your policy. Which is something that I do not recommend.
2) When you reset a user's password get in the habbit of selecting the option "User must change password at next logon". This seems to override the minimum password age requirement. The user will need to change their password to something else.
Hope this helps
Rob
As I see it, you have a couple of options here:
1) Remove the Minimum Password age from your policy. Which is something that I do not recommend.
2) When you reset a user's password get in the habbit of selecting the option "User must change password at next logon". This seems to override the minimum password age requirement. The user will need to change their password to something else.
Hope this helps
Rob
Active 7 days ago
Now when user tries to change password I get:
"Unable to update the password. The value provided for the new password does not meet the length, complexity, or history of the domain"
"Unable to update the password. The value provided for the new password does not meet the length, complexity, or history of the domain"
To meet the policy your password MUST,
1. Passwords cannot contain the user's account name or parts of the user's full name that exceed two consecutive characters.
2. Passwords must be at least six characters in length
3. Passwords must contain characters from THREE of the following four categories:
English uppercase characters (A through Z).
English lowercase characters (a through z).
Base 10 digits (0 through 9).
Non-alphabetic characters (for example, !, $, #, %).
1. Passwords cannot contain the user's account name or parts of the user's full name that exceed two consecutive characters.
2. Passwords must be at least six characters in length
3. Passwords must contain characters from THREE of the following four categories:
English uppercase characters (A through Z).
English lowercase characters (a through z).
Base 10 digits (0 through 9).
Non-alphabetic characters (for example, !, $, #, %).
pleasee verify that your users had the ability to change their passwords, on the property of each user, on the account tab, under account option verify that user can not change his password is not checked.
Refer to these link. They will help you.
http://technet.microsoft.com/en-us/library/cc782255(v=ws.10).aspx
https://kb.wisc.edu/ams/page.php?id=8831
http://www.youtube.com/watch?v=6SBgDDoE2CU
Resetting with Power shell scripts
http://blogs.technet.com/b/heyscriptingguy/archive/2010/08/17/how-to-change-a-user-s-active-directory-password-with-powershell.aspx
Else download a free version 3rd party tool. This tool will allow you to change and reset the password with just simple clicks. But this is freeware on the limitation on the numbers of user. Try it out
http://www.lepide.com/active-directory-self-service.html
Hope it helps for you
http://technet.microsoft.com/en-us/library/cc782255(v=ws.10).aspx
https://kb.wisc.edu/ams/page.php?id=8831
http://www.youtube.com/watch?v=6SBgDDoE2CU
Resetting with Power shell scripts
http://blogs.technet.com/b/heyscriptingguy/archive/2010/08/17/how-to-change-a-user-s-active-directory-password-with-powershell.aspx
Else download a free version 3rd party tool. This tool will allow you to change and reset the password with just simple clicks. But this is freeware on the limitation on the numbers of user. Try it out
http://www.lepide.com/active-directory-self-service.html
Hope it helps for you
Featured Post
Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
A hard and fast method for reducing Active Directory Administrators members.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply.
This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
Suggested Courses
Course of the Month7 days, 1 hour left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
724 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.