So basically I run Result Set of Policy Wizard for the user and got:
Enforce password history 24 passwords remembered
Maximum password age Not Defined
Maximum password age Not Defined
Maximum password length 9 characters
Password must meet complexity requirements Enabled
And I’m using password like: Dkj%4fdd8 or DJfkj%43*432 so they obviously
meet rules (I tried even 25 chars). I also tried to change GPO and disabled
complexity and changed length – no luck.
As I completely built Server and AD I’m sure there is nothing unusual in
configuration. I also tried to reboot DC, login using couple of different
users, use different machines – no luck. Whatever I do I’m getting the same
error message for all users.
However I can change the password on Active Directory Users and Computer
without any problems. It even prompts me when password doesn’t meet
complexity requirements but if meet, it changes successfully.
I have Windows Server 2008 SP2 – up to date.
Has somebody had similar issue? Please help me as I almost lost hope…..
Passwords cannot contain the user's account name or parts of the user's full
name that exceed two consecutive characters.
Passwords must be at least six characters in length.
Passwords must contain characters from three of the following four
categories:
English uppercase characters (A through Z).
English lowercase characters (a through z).
Base 10 digits (0 through 9).
Non-alphabetic characters (for example, !, $, #, %).
Make sure your password doesn't contain "the user's account name or parts of
the user's full name that exceed two consecutive characters"
--
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
Houston, TX
http://blogs.sivarajan.com/
http://publications.sivarajan.com/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Piotr" <Pi...@discussions.microsoft.com> wrote in message
news:90D0DAEC-BC6B-4C91...@microsoft.com...
Besides the domain password policy, your user account *may be* subject to a
Fine Grained Password Policy setting (PSO) that I believe won't show up in
an RSOP.
Also (and more likely), Server 2008 "complexity" definitions now include
consecutive characters from the display name and account name
(Samaccountname) - What is the username and displayname of the account you
are having this problem with?
--
/kj
Many thanks for your reply.
Unfortunately solution is not as easy. I'm sure my passwords meet all rules
in domain. It is enought complex, long, doesn't contain user name and is not
recorded in history. I used even random leters, numbers a chars and no result.
Many thanks for your reply.
As I mentioned before system was created by me and I haven't implemented
Fine Granted Password Policy as one rule for my domain was enought.
This issue is realy strange. In last two years I installed around 20 systems
and never met something like that before...
"kj [SBS MVP]" wrote:
> .
>
>> Maximum password length 9 characters
*Maximum password length* ? Huh :)
At one time there was a problem with minimum password age as undefined
instead of 0 or some other setting - but I though that was fixed.
--
/kj
FYI it is not fixed, I defined min and max password age to 0 and it started
to work…
Thanks a lot!
"kj [SBS MVP]" wrote:
> .
>
Pleased to be of help.
/kj ( today "the blind squirrel" )
--
/kj
--
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
Houston, TX
http://blogs.sivarajan.com/
http://publications.sivarajan.com/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Piotr" <Pi...@discussions.microsoft.com> wrote in message
news:B0E12CDC-385B-448C...@microsoft.com...
--
Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA
Houston, TX
http://blogs.sivarajan.com/
http://publications.sivarajan.com/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Piotr" <Pi...@discussions.microsoft.com> wrote in message
news:B0E12CDC-385B-448C...@microsoft.com...
--
hibenias60
------------------------------------------------------------------------
hibenias60's Profile: http://forums.techarena.in/members/211124.htm
View this thread: http://forums.techarena.in/active-directory/1314774.htm
I have users who cannot change their own passwords on a Terminal server, but I
can change my password with an administrative (domain) account on that same
terminal server.
I don't have any GPOs defined beyond the defaults.
Any other things you tried/heard?