Solved

Windows 2008 not taking complex passwords

Posted on 2014-10-31
4
134 Views
Last Modified: 2014-11-07
I have a Windows 2008 server as the DC and setup a password policy.  I've set history to 5 remembered, Max password age to 90 days, minimum age to 0, minimum length to 8 characters, set complexity requirement and store password using reversible encryption.  When ever the user tries to change their password, Windows says it don't meet the minimum requirements.  I've even tried complex password generators  generating password way beyond the requirements, and Windows still states the password is no good.  Please help, end users are getting mad.
0
Comment
Question by:kfasick
  • 2
4 Comments
 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 250 total points
ID: 40416679
You are making the changes to the default domain policy? And, as an aside, why are you storing passwords with reversible encryption? Pretty much defeats the purpose of any password complexity rules.
0
 

Author Comment

by:kfasick
ID: 40416684
Yes, I'm using the default domain policy.  So if I use the "reversible encryption" I can't use the complex password rule?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40416735
"Can't?" I don't think the system actually blocks you. But the reversible encryption has been around since NT4 and is all but worthless. If you use it, having co pled passwords does no good as anybody can simply reverse the password and get it, no matter how complex. It is a terrible settings to turn on inkless you have a valid business case to do so, and even then, should be done in an isolated environment and only for that specific purpose.
0
 
LVL 53

Accepted Solution

by:
McKnife earned 250 total points
ID: 40417114
Please use RSOP.msc on all your DCs and see if the pw settings are as expected.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now