ASP.NET ChangePassword error using ActiveDirectoryMembershipProvid

I have an ASP.NET 2.0 site that I am using ActiveDirectoryMembershipProvider
against Active Directory and forms authentication. I am using the drag and
drop controls from VS2005 for login, passwordRecovery, CreateUserWizard, and
ChangePassword. I have extended the AD schema to allow for passwordRecovery.
Everything works except changePassword. I can go into the AD and change the
password for a user, but if I try through my web app, using a password of the
proper length and complexity, I get an error returned saying 'The password
does not meet the password policy requirements. Check the minimum password
length, password complexity and password history requirements. (Exception
from HRESULT: 0x800708C5)' I have been struggling with this for days. Any
ideas? Here is my web.config:

<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://11.134.6.2/OU=Customers,DC=pfweb,DC=net"/>
</connectionStrings>

<authentication mode="Forms">
<forms name=".ADAuthCookie" loginUrl="login.aspx"
defaultUrl="default.aspx" protection="All" timeout="30" path="/"
requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile"
domain="" enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1"/>
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<membership defaultProvider="ADMembershipProvider">
<providers>
<add name="ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0,
Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="myweb\auth_srv"
connectionPassword="ppassword"
attributeMapUsername="sAMAccountName"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
attributeMapPasswordQuestion="PennFoster-User-forgotpwdquestion"
attributeMapPasswordAnswer="PennFoster-User-forgotpwdanswer"

attributeMapFailedPasswordAnswerCount="PennFoster-User-failedanswercount"

attributeMapFailedPasswordAnswerTime="PennFoster-User-lastfailedanswertime"

attributeMapFailedPasswordAnswerLockoutTime="PennFoster-User-accountlockedtime"
requiresUniqueEmail="true"
enableSearchMethods="false"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
applicationName="biadmin"
/>
</providers>
</membership>


.

Relevant Pages

  • Re: ASP.NET ChangePassword error using ActiveDirectoryMembershipProvid
    ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... against Active Directory and forms authentication. ... does not meet the password policy requirements. ... password complexity and password history requirements. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Retriving the password programatically from Active Directory
    ... how about providing an option to reset the ... > the user in the Active Directory? ... Use setpassword instead of changepassword. ...
    (microsoft.public.windows.server.scripting)
  • Re: Changing administrator password
    ... > default profile in Active Directory and locally on the ... > When I try to reset the Administrator password in Active ... > password policy requirements. ... pasword complexity and password history ...
    (microsoft.public.windows.server.active_directory)
  • Re: Retriving the password programatically from Active Directory
    ... >> stored in the Active Directory? ... >> I was able to retrieve all the properties but not the ... Is there a way to programatically reset the password of ... when I try to use ChangePassword it says "the server is ...
    (microsoft.public.windows.server.scripting)
  • Re: touble to create a new user in windows server 2003
    ... Make sure the Password Complexity is set to not configured in the default ... domain policy. ... create a new user in the active directory, it does not let me to create it. ... It keeps saying the password not good no matter what the password I set. ...
    (microsoft.public.windows.server.active_directory)
Loading