Can’t change password on Windows Server 2008
Hi,
Could you help me to fix following issue please? I can’t find any solution.
I tried to change password when I’m logged over RDP (CTRL+ALT+END) to Windows Server 2008 and whatever I do I’m getting error: “Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.”
But unfortunately it meets…..
So basically I run Result Set of Policy Wizard for the user and got:
Enforce password history 24 passwords remembered
Maximum password age Not Defined
Maximum password age Not Defined
Maximum password length 9 characters
Password must meet complexity requirements Enabled
And I’m using password like: Dkj%4fdd8 or DJfkj%43*432 so they obviously meet rules. I also tried to change GPO and disabled complexity and changed length – no luck.
As I completely built Server and AD I’m sure there is nothing unusual in configuration. I also tried to reboot DC, login using couple of different users, use different machines – no luck. Whatever I do I’m getting the same error message for all users.
However I can change the password on Active Directory Users and Computer without any problems. It even prompts me when password doesn’t meet complexity requirements but if meet, it changes successfully.
I have Windows Server 2008 SP2 – up to date.
Has somebody had similar issue? Please help me as I almost lost hope…..
Could you help me to fix following issue please? I can’t find any solution.
I tried to change password when I’m logged over RDP (CTRL+ALT+END) to Windows Server 2008 and whatever I do I’m getting error: “Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.”
But unfortunately it meets…..
So basically I run Result Set of Policy Wizard for the user and got:
Enforce password history 24 passwords remembered
Maximum password age Not Defined
Maximum password age Not Defined
Maximum password length 9 characters
Password must meet complexity requirements Enabled
And I’m using password like: Dkj%4fdd8 or DJfkj%43*432 so they obviously meet rules. I also tried to change GPO and disabled complexity and changed length – no luck.
As I completely built Server and AD I’m sure there is nothing unusual in configuration. I also tried to reboot DC, login using couple of different users, use different machines – no luck. Whatever I do I’m getting the same error message for all users.
However I can change the password on Active Directory Users and Computer without any problems. It even prompts me when password doesn’t meet complexity requirements but if meet, it changes successfully.
I have Windows Server 2008 SP2 – up to date.
Has somebody had similar issue? Please help me as I almost lost hope…..
Comments
-
phoeneous
Member Posts: 2,333 ■■■■■■■□□□
I had a similar problem with a terminal server. When users would remote it, if they were prompted to change their expiring passwords, it wouldnt let them. Turns out the clock was off by 3 minutes from the DC. I fixed the clock, enforced an ntp policy and problem went away.
I wasnt aware of a Maximum password length policy, only a Minimum length policy. Typo? -
PiotrIr
Member Posts: 236
Many thanks for your reply.
Unfortunately it is not a time problem in my case. I already have ntp policy on place so there is no difference in time between servers. I also tried to change password on DC and wasn't able.
With this "Maximum password length" is a obwiously my mistake. Should be Minimum
I just can't find reasonable explenation why it happends in this system.... -
PiotrIr
Member Posts: 236
No. I even changed settings in GPO to log events when fail and success. Nothing, just shows that user tried to changed password and attampt faild.
DCDIAG hasn't showed anything as well. -
PiotrIr
Member Posts: 236
FYI
There is a bug in W2K8, so basically when you leave "Maximum password age Not Defined" you will get this problem.
It should be defined to 0 (or other value). Since I change the parameter my passwords started to work.