Sirec
asked on
Windows Server 2008 R2 - Cannot disable password complexity
Hi all,
The problem we're having is that even though the password complexity via the default group policy is disabled, users are still being prompted with the message “Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain”
Windows settings > Security settings > Account Policies/Password policies:
Enforce password history - NOT DEFINED
Maximum password age - NOT DEFINED
Minimum password age - NOT DEFINED
Minimum password length - NOT DEFINED
Password must meet complexity requirements - DISABLED
Store passwords using reversible encryption - DISABLED
I cannot see any other policy enforcing the password complexity and I am now stuck.
Forcing GP update on client machine / rebooting server doe not work.
Please help! Any suggestions would be welcomed.
Many thanks in advance.
The problem we're having is that even though the password complexity via the default group policy is disabled, users are still being prompted with the message “Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain”
Windows settings > Security settings > Account Policies/Password policies:
Enforce password history - NOT DEFINED
Maximum password age - NOT DEFINED
Minimum password age - NOT DEFINED
Minimum password length - NOT DEFINED
Password must meet complexity requirements - DISABLED
Store passwords using reversible encryption - DISABLED
I cannot see any other policy enforcing the password complexity and I am now stuck.
Forcing GP update on client machine / rebooting server doe not work.
Please help! Any suggestions would be welcomed.
Many thanks in advance.
ASKER
The server is a domain controller. I have checked policy and again, already disabled :(
Did you check Active Directory Policy? If you are going to gpedit.msc this is the local policy for the server please use Group Policy management console go into here and configure the password policy.
ASKER
Hi,
Yes I am definitely using the group policy management console and the password complexity is disabled for sure. Perhaps a reset of some sort?
Yes I am definitely using the group policy management console and the password complexity is disabled for sure. Perhaps a reset of some sort?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Gpresult:
USER SETTINGS
--------------
CN=test,OU=ServiceAccounts ,OU=Users, OU=xxxxxx, DC=xxxxxx, DC=local
Last time Group Policy was applied: 15/02/2013 at 08:45:45
Group Policy was applied from: xxxx.xxxxxx.local
Group Policy slow link threshold: 500 kbps
Domain Name: xxxxxx
Domain Type: Windows 2000
Applied Group Policy Objects
-------------------------- ---
User security policy
Folder Redirection
Shortcuts On Desktop
The following GPOs were not applied because they were filtered out
-------------------------- ---------- ---------- ---------- ---------- -
User security policy
Filtering: Disabled (Link)
Default Domain Policy
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
Windows Updates
Filtering: Not Applied (Empty)
Remote Desktop
Filtering: Not Applied (Empty)
The user is a part of the following security groups
-------------------------- ---------- ---------- -----
Domain Users
Everyone
BUILTIN\Users
NT AUTHORITY\INTERACTIVE
CONSOLE LOGON
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Roaming and redirection
Medium Mandatory Level
I have checked the 3 applied policies in Group Policy Management and they all have 'No Settings Defined' under 'Computer Configuration'
I have checked Gpedit.msc and I can confirm the password complexity is disabled.
Thanks for your help!
USER SETTINGS
--------------
CN=test,OU=ServiceAccounts
Last time Group Policy was applied: 15/02/2013 at 08:45:45
Group Policy was applied from: xxxx.xxxxxx.local
Group Policy slow link threshold: 500 kbps
Domain Name: xxxxxx
Domain Type: Windows 2000
Applied Group Policy Objects
--------------------------
User security policy
Folder Redirection
Shortcuts On Desktop
The following GPOs were not applied because they were filtered out
--------------------------
User security policy
Filtering: Disabled (Link)
Default Domain Policy
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
Windows Updates
Filtering: Not Applied (Empty)
Remote Desktop
Filtering: Not Applied (Empty)
The user is a part of the following security groups
--------------------------
Domain Users
Everyone
BUILTIN\Users
NT AUTHORITY\INTERACTIVE
CONSOLE LOGON
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Roaming and redirection
Medium Mandatory Level
I have checked the 3 applied policies in Group Policy Management and they all have 'No Settings Defined' under 'Computer Configuration'
I have checked Gpedit.msc and I can confirm the password complexity is disabled.
Thanks for your help!
ASKER
I know its a strange one and is very frustrating. Can anyone help please?
ASKER
Maybe because the default domain policy not being applied and therefore any changes I make will also not be applied?
i.e.
Local Group Policy
Filtering: Not Applied (Empty)
Of the 3 applied policies as stated above, I may just enable the password complexity to test.
Any suggestions are welcomed guys.
Thanks
i.e.
Local Group Policy
Filtering: Not Applied (Empty)
Of the 3 applied policies as stated above, I may just enable the password complexity to test.
Any suggestions are welcomed guys.
Thanks
I would enabled it see what happens
If it is then you need to modify the domain policy that is applied to that server