![]() If the samAccountName is less than three characters long, this check is skipped. The samAccountName is checked in its entirety only to determine whether it is part of the password. ![]() Passwords must not contain the user's entire samAccountName (Account Name) value or entire displayName (Full Name) value. In addition to the complexity requirements, complex passwords cannot contain the users' First Name, Last Name or username. ![]() You can blame Microsoft for this one as they never created seperate error messages for difference casues of being unable to set the password.Īlso note: That policy could be set either in AD or in the machines local policy. This is a very common problem where you reset a forgotten password for a user and tick the 'user must change password on next logon box', the user tries to change the password but because the password has been changed already, say within the last day, windows will error out. If the password has been changed within that threshold, even by an administrator, Windows/AD will not allow you to change it gracefully (i.e.: using the normal change password processes) again within that time period. This is most commonly set in the Default Domain and/or Default Domain Controller Policies. If this is set to anything above zero, this could be your problem. Check to see if you have a Policy that sets the "Minimum Passwird Age'.Ĭomputer > Windows Setings > Security Settings > Accounts Policies > Password Policy > Minimum Password Age.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |