Re: Users unable to change passwords when prompted

I had passwords must be complex selected but removed it and updated the
policy. (it has also been over a month now with the policy) I tried many
different passwords that meet the requirements, but still nothing. I've set
up password policies for larger organizations and never have run into this
problem.

Nothing is logging on the server as to why it is refused. I turned up the
logging to see if I will get more.

For these guys I edited the default domain password policy using the group
policy management tool.

Perhaps a packet sniffer will give me more to go on.


"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:epzcx2ThIHA.6136@xxxxxxxxxxxxxxxxxxxxxxx
Andrew <andrewr@xxxxxxxx> wrote:
I already check the usually suspects and it is not checked. This is
happening to all users (10) also.

Did you check with the password I suggested?

Event logs?


How/where did you create the policy?



"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:%23YNPbBThIHA.3788@xxxxxxxxxxxxxxxxxxxxxxx
Andrew <andrewr@xxxxxxxx> wrote:
I've configured a password policy for users to change their
passwords, but when it comes time for them to change, users are
unable to. They get a message saying that they do not have
permissions to change them

Check their ADUC properties to make sure there is no tickbox next to
"user cannot change password"

or it does not meet what the policy as
outlined as a requirement.

A good test is a phrase -

My sysadmin is mean!

If that doesn't work it can't be complexity that's the problem.

In troubleshooting this I have removed all complexity to the
password policy

That can take a whileto go away, IIRC

and still they can not change their passwords. They can change
them if I set the account to change password at next logon, but this
doesn't solve my problem. I have read that SP1 for XP fixes this
problem, but my users are running XP SP2.

Any ideas.

This isn't an XP issue at all, so it can't be a service pack issue
on the client. This is a server-side thing.





.

Relevant Pages

  • Re: Reasons and examples for security
    ... Roger Abell ... >> "Use passphrases" (with some details tbd relative to retraints ... >> on length minimum and relationship with complexity policy). ...
    (microsoft.public.security)
  • RE: Problem after setting password complexity
    ... change password after you enable "password must meet complexity ... I suggest you configure the password policy under "domain security ... Password must meet complexity requirements Enabled ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: MU team brews its own, cheaper gas
    ... If you're a decision-maker suffering from these acute symptoms it may be time to ask your doctor about Complexity Science: a nascent, interdisciplinary field exploring the structure, behavior and dynamics of complex systems. ... Catalyst's "Forum on Complexity and Transportation Policy," to be held June 15th at the Cosmos Club in Washington, DC is the second of a four-part series exploring the new public policy insights offered by complexity science. ... Catalyst is pleased to feature two of the most highly esteemed individuals in the field of transportation policy today: Dr. Tom Downs and Dr. Carl Simon. ...
    (sci.fractals)
  • Re: Password must meet complexity requirements
    ... I am getting the complexity message. ... The Default Domain Policy must be linked but not enforced. ... (one of the reasons we suggest you never modify the Default Policies ... replicate and see what happens. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Password Policy
    ... You minimum password age is badly high. ... Steve Riley wrote an excellent article on why password complexity is not so ... allowed to change their password before it expires. ... You can circumvant a bit the password policy by having 'password never ...
    (microsoft.public.windows.group_policy)