RE: Problem after setting password complexity
- From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
- Date: Mon, 17 Mar 2008 08:01:25 GMT
Hello Bob,
Thank you for posting here.
According to your description, I understand that the domain users unable to
change password after you enable "password must meet complexity
requirements" in domain security policy. If I have misunderstood the
problem, please don't hesitate to let me know.
Based on my research, I suggest we try the following steps to see if we can
resolve this issue:
1. I suggest you configure the password policy under "domain security
policy" as following recommended values to see if it help:
Enforce password history 24 passwords remembered
Maximum password age 42 days
Minimum password age 1 days
Minimum password length 7 characters
Password must meet complexity requirements Enabled
Store passwords using reversible encryption Disabled
2. Please ensure the "domain security policy" is properly applied on the
default domain policy in Server Management console.
a. Please open Server Management console on SBS
b. Extend to Advanced Managememt -> Group Policy Management -> Forest ->
Domains -> domain.local -> Default Domain Policy
c. Right click the Default Domain Policy, select Edit
d. Extend to Computer Configuration -> Windows Settings -> Security
Settings -> Account Policies -> Password Policy
e. Ensure the settings are properly as you see in the "administrative
tools" -> "domain security policy"
3. Please ensure the client computers properly apply the GPO. Please run
command "gpupdate /force" on every client, or restart the client computer
to apply the GPO.
If we cannot resolve the issue after we perform the above steps, please
help me collect some information for further investigation:
1. What message do you get when you try to change the user's password?
Please capture screenshots on the error messages and send the pictures to
me at v-terliu@xxxxxxxxxxxxx
2. Does this issue happen on all domain user accounts?
3. If you disable the "password must meet complexity requirements" under
"administrative tools" -> "domain security policy", does this issue
disappear?
4. Gather MPS network report on SBS:
a. Download MPSrepot_network from
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9
15706/MPSRPT_NETWORK.EXE
b. Run MPSRPT_NETWORK.exe.
c. The tool will automatically collect the information. This procedure will
take 10~15 minutes.
d. Open Windows Explorer, navigate to the folder:
%SystemRoot%\MPSReports\Network\Reports\Cab\
e. Send the .cab file directly to me at v-terliu@xxxxxxxxxxxxx
I hope these steps will give you some help.
Thanks and have a nice day!
Best regards,
Terence Liu(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Bob" <Bob@xxxxxxxxxxxxxxxxx>
| Subject: Problem after setting password complexity
| Date: Fri, 14 Mar 2008 12:20:10 +1100
| Lines: 19
| MIME-Version: 1.0
| Content-Type: text/plain;
| format=flowed;
| charset="iso-8859-1";
| reply-type=original
| Content-Transfer-Encoding: 7bit
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Windows Mail 6.0.6000.16480
| X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6000.16545
| Message-ID: <upxSNGXhIHA.3648@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: wallte.lnk.telstra.net 139.130.205.10
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP06.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:98237
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi All,
|
| I recently changed the password policy on our server by going to
| "administrative tools" -> "domain security policy"
|
| I have now enabled "password must meet complexity requirements".
|
| If I set a users account to "user must change password at next logon" then
| the use is able to change passwords without a problem.
|
| But now, users are unable to change their passwords, by going to
| ctrl-alt-del -> change password.
|
| No matter how complex the password is, the server always complains that
the
| password does not meet the requirements.
|
| I tried changing minimum password age to 0, it didn't make any difference.
|
|
|
.
- References:
- Prev by Date: Louis Vuitton Pegase 60 and Odessa Computer Case Set Replica AAA, Fake HandBags Cheap
- Next by Date: RE: SBS Transition Pack CAL Part Number Question
- Previous by thread: Problem after setting password complexity
- Next by thread: Rolex Oyster Perpetual Cosmograph Daytona Mens Watch 116523-MAO Replica
- Index(es):
Relevant Pages
|
