|
|
 FAQ
 Search
 Memberlist
 Usergroups
 Register
 Profile
 Private messages
 Log in
|
|
| Author |
Message |
JnrConsultant
Guest
|
 Posted: Tue May 16, 2006 5:09 pm Post subject: User creation - password policy rejection |
 |
|
I've got a freshly created domain/active directory installation using
Windows Server 2003 Enterprise edition.
I've disabled Password Complexity option under Domain Security and Domain
Controller Security.
Whenever I go to create a new user account, regardless of the combination of
letters and numbers and length I use for the users password (i've tried quite
a few) it stops me with the following message:
"Windows cannot set the password for "username" because: The password does
not meet the password policy requirements. Check the minimum password length,
password copmlexity and password history requirements.
Anyone help with this?
Thanks in advance
--
-- Jnr Consultant -- |
|
| Back to top |
|
 |
|
|
Carlo Cacciafesta
Guest
|
| Posted: Tue May 16, 2006 5:38 pm Post subject: RE: User creation - password policy rejection |
|
|
"JnrConsultant" wrote:
| Quote: |
I've got a freshly created domain/active directory installation using
Windows Server 2003 Enterprise edition.
I've disabled Password Complexity option under Domain Security and Domain
Controller Security.
Whenever I go to create a new user account, regardless of the combination of
letters and numbers and length I use for the users password (i've tried quite
a few) it stops me with the following message:
"Windows cannot set the password for "username" because: The password does
not meet the password policy requirements. Check the minimum password length,
password copmlexity and password history requirements.
Anyone help with this?
Thanks in advance
--
-- Jnr Consultant --
|
It's best practice not to modify the 2 default policies (Default Domain
Policy and Default Domain Controllers Policy). If you need to apply password
policy settings that diverge from the default settings, you should create a
new GPO instead and link it to the root container for the domain, or to the
Domain Controllers OU and assign it a higher priority than the built-in GPO.
If two GPOs that have conflicting settings are linked to the same container,
the one with higher priority takes precedence.
You can find an example here:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/strngpw.mspx
Try to set the default policies back to their original state, then do as
described in the above article.
Hope it helps.
Regards,
Carlo |
|
| Back to top |
|
|
Brian Delaney
Guest
|
| Posted: Wed May 17, 2006 6:58 am Post subject: RE: User creation - password policy rejection |
|
|
It is simple... the password is not complex enough.
http://support.microsoft.com/?kbid=821425
When you set the Passwords must meet complexity requirements policy setting,
and a user logs on to the computer or to a domain and types a password in the
Change Password dialog box that does not meet the complexity requirements,
the user receives the following message:
Your password must be at least x characters; cannot repeat any of your
previous x passwords; must contain capitals, numerals or punctuation; and
cannot contain your account or full name. Please type a different password.
Type a password which meets these requirements in both text boxes.
This message is expected behavior when a user tries to change the password
and the password does not meet the complexity requirements that you set.
However, some of the content of the message may be confusing to some users
because it does not explicitly specify that the password must contain at
least three of the following four character groups:
• English uppercase characters (A through Z)
• English lowercase characters (a through z)
• Numerals (0 through 9)
• Non-alphabetic characters (such as !, $, #, %)
--
Brian Delaney, MCSE
"JnrConsultant" wrote:
| Quote: |
I've got a freshly created domain/active directory installation using
Windows Server 2003 Enterprise edition.
I've disabled Password Complexity option under Domain Security and Domain
Controller Security.
Whenever I go to create a new user account, regardless of the combination of
letters and numbers and length I use for the users password (i've tried quite
a few) it stops me with the following message:
"Windows cannot set the password for "username" because: The password does
not meet the password policy requirements. Check the minimum password length,
password copmlexity and password history requirements.
Anyone help with this?
Thanks in advance
--
-- Jnr Consultant -- |
|
|
| Back to top |
|
|
JnrConsultant
Guest
|
| Posted: Wed May 17, 2006 3:47 pm Post subject: RE: User creation - password policy rejection |
|
|
Hi Brian,
Thank you very much, it really was that simple, I had to use both lower and
upper case and numbers all in the password.
Absently mindely I had not added the "everyone" group to my default Group
Policy and as a result the disabling of Password Complexity was not working
when I tried to create a normal user.
Regards,
--
-- Jnr Consultant --
"Brian Delaney" wrote:
| Quote: | It is simple... the password is not complex enough.
http://support.microsoft.com/?kbid=821425
When you set the Passwords must meet complexity requirements policy setting,
and a user logs on to the computer or to a domain and types a password in the
Change Password dialog box that does not meet the complexity requirements,
the user receives the following message:
Your password must be at least x characters; cannot repeat any of your
previous x passwords; must contain capitals, numerals or punctuation; and
cannot contain your account or full name. Please type a different password.
Type a password which meets these requirements in both text boxes.
This message is expected behavior when a user tries to change the password
and the password does not meet the complexity requirements that you set.
However, some of the content of the message may be confusing to some users
because it does not explicitly specify that the password must contain at
least three of the following four character groups:
• English uppercase characters (A through Z)
• English lowercase characters (a through z)
• Numerals (0 through 9)
• Non-alphabetic characters (such as !, $, #, %)
--
Brian Delaney, MCSE
"JnrConsultant" wrote:
I've got a freshly created domain/active directory installation using
Windows Server 2003 Enterprise edition.
I've disabled Password Complexity option under Domain Security and Domain
Controller Security.
Whenever I go to create a new user account, regardless of the combination of
letters and numbers and length I use for the users password (i've tried quite
a few) it stops me with the following message:
"Windows cannot set the password for "username" because: The password does
not meet the password policy requirements. Check the minimum password length,
password copmlexity and password history requirements.
Anyone help with this?
Thanks in advance
--
-- Jnr Consultant -- |
|
|
| Back to top |
|
|
|
|
