Can't add users to Domain 2003 Server

Had a look around how to fix this and can't find an answer.

I can't add any users into my domain in 2003 server. I get an error message saying the password complexity or length is incorrect.

I can successfully login to the domain from a different PC with one of the built in domain accounts but I would like to create a few dummy accounts in AD. It creates the account but then disables it.

Is this something to do with policies on the server?............... and how do I fix this?

Cheers

Malc

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

royal

There is a password complexity group policy that enforces the passwords in a domain as such:

Taken from: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/strngpw.mspx

Passwords must meet complexity requirements determines whether password complexity is enforced. If this setting is enabled, user passwords meet the following requirements:
• The password is at least six characters long.

The password contains characters from at least three of the following five categories:
• English uppercase characters (A - Z)
• English lowercase characters (a - z)
• Base 10 digits (0 - 9)
• Non-alphanumeric (for example: !, $, #, or %)
• Unicode characters

• The password does not contain three or more characters from the user's account name.
• If the account name is less than three characters long, this check is not performed because the rate at which passwords would be rejected is too high. When checking against the user's full name, several characters are treated as delimiters that separate the name into individual tokens: commas, periods, dashes/hyphens, underscores, spaces, pound-signs, and tabs. For each token that is three or more characters long, that token is searched for in the password; if it is present, the password change is rejected. For example, the name "Erin M. Hagens" would be split into three tokens: "Erin", "M", and "Hagens". Because the second token is only one character long, it would be ignored. Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password. All of these checks are case-insensitive.

How to disable/enable password complexity requirements:
http://www.petri.co.il/disable_password_requirement_in_win2003_domain.htm

malcybood

Nice one thanks Royal, thought it'd be something like that just don't really know my way round win 2k3 server that well

Thanks again

ajs1976

Try using the password of W1nd0wz! that should meet the complexity requirements. A strong password has three of four character types. The types are: Upper case letters, lower case letters, numbers, and symbols. I believe the default minimum lenght is 6 or 8 characters.

(Guess I should have read Royal's post before I posted)