Issue with Mac users AD password resetting

Have been battling this issue for over a year now, here is my setup

i have mac AD users, their macbooks are joined to AD with a software called Centrify, every 90 Days our AD users need to reset their passwords. the Centrify app prompts them to reset their AD password however when they enter their old and new password the Centrify app prompts them that they have not reach their complexity requirements require for their password. Now AD actually takes the password but the user thinks it does not and now the user cannot login to their macbook

the workaround for me is to remove the user from the domain then re-add the macbook

any ideas what this could be.
LVL 2
IT GuyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AmitIT ArchitectCommented:
Looks like you have password complexity mismatch, between you AD and centrify server. Do you have password complexity enabled in AD?
IT GuyAuthor Commented:
yes password complexity is enabled on AD but did not find in centify policy.
AmitIT ArchitectCommented:
Just check this KB for centrify: https://docs.centrify.com/Content/CoreServices/UsersRoles/PasswrdComplexReq.htm

and this one for AD: https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements

Better you disable complexity within AD and let centrify force the complexity. I have seen this issue with few of my client and solution we used, to disable from AD end. However, you check with your team, before doing anything or vendor might be able to answer.
Get a highly available system for cyber protection

The Acronis SDI Appliance is a new plug-n-play solution with pre-configured Acronis Software-Defined Infrastructure software that gives service providers and enterprises ready access to a fault-tolerant system, which combines universal storage and high-performance virtualization.

IT GuyAuthor Commented:
i have directmanage deployment manager and Access manager, i could not find any core services policies listed under those, maybe i need to install another software on my server
AmitIT ArchitectCommented:
I advise you to check with Centrify vendor, they might give more details and solution for your issue.
IT GuyAuthor Commented:
yea - i worked with them on this for about a year with no avail solution, trying to download their latest software Centrify Infrastructure Services 18.8 for 64-bit Windows
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software

From novice to tech pro — start learning today.