Re: Password must meet complexity requirements

On the server where you're performing these tests, check Administrative
Tools -> Domain Security Policy.

This policy referes to Default Domain Policy, and it's replicated every 5
min accross DCs.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Deb H" <DebH@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:63008EBF-55F0-4A12-9E11-C9833B791D1F@xxxxxxxxxxxxxxxx
I am sorry. I am using the GPO Management tool looking at the PDC. Is there
somewhere else to see that it is refreshed?

"Jorge Silva" wrote:

Did you check if the policy on the DC is refreshed?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Deb H" <DebH@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A9E4A5B8-9883-4CFE-B02A-A63B571C4902@xxxxxxxxxxxxxxxx
The same result. The complexity piece just doesn't seem to be applied.

"Jorge Silva" wrote:

did you run the commands on the server?
What happens when you try to change the user's password on the server?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Deb H" <DebH@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:22CF15C2-12B7-45C1-A7A3-BC6997B90E18@xxxxxxxxxxxxxxxx
When I run a gpresult and net accounts, it show that the policy is
applied. I
have tested changing the password on an XP pc. It does not allow me
to
use
a
previous password or password less than 7 characters (as I put in my
policy).
But it doesn't seem to meet the complexity requirements. I am able
to
change
the password to all lower case with no special characters or
numbers.

"Herb Martin" wrote:

"Deb H" <DebH@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9B11A881-A048-402C-9A73-BCA7F3032548@xxxxxxxxxxxxxxxx
I have configured my Group Policy for the domain to have passwords
meet
the
complexity requirements. However, when I test this, the password
does
not
reflect complexity. Any Ideas on how I might correct this?

Security Account Policies are ONLY EFFECTIVE at the DOMAIN level.
(Password, Kerberos, Lockout.)

You must link the GPO to the domain to see an effect (not OU or
Site)
with these policies.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]











.

Relevant Pages

  • Re: administrator locked out of SBS 2003
    ... Try to logon to the console using this account. ... see which groups the administrator is a member of and post back ... Even the VMware KB's as I've all ready discovered the server V2.0 ... so I deleted the policy. ...
    (microsoft.public.windows.server.sbs)
  • Re: Must all users be administrators?
    ... The familiar look of the AD objects tree you see in Group Policy Editor is ... This seems modestly confusing to an SBS Administrator because there's very ... those rights happen to be nearly unlimited. ... sit a workstation logged on as the Local Administrator, by default, there ...
    (microsoft.public.windows.server.sbs)
  • Re: GP loopback processing on Windows 2003 terminal service, strange problem!
    ... You should not have to go through all that to get the policy to work ... Check that your other W2003 Server points ONLY to the domain controller ... > any other GP's then logging on to the TS server. ... > is not local administrator on this TS server? ...
    (microsoft.public.windows.group_policy)
  • Re: windows 20000 problem
    ... So you are saying the problem is on just this one particular server that is ... in an OU with other servers that do not lock down the domain admin account. ... The part about logging in as local account that bypasses this policy ... > and the administrator is in an OU where the policy doesnt apply. ...
    (microsoft.public.win2000.security)
  • Re: administrator locked out of SBS 2003
    ... enterprise admins ... group policy creator owners ... Other than lacking exchange administrator this is pretty much normal. ... Even the VMware KB's as I've all ready discovered the server V2.0 ...
    (microsoft.public.windows.server.sbs)