Group Policy Password Problem

R

Renato Oliveira

Hi.

I have a big problem here: My system is Windows2000Server SP3, and all Group Policies rules, when I look at LOCAL POLICY (or another)\COMPUTER CONFIGURATION\WINDOWS SETTINGS\SECURITY SETTINGS\ACCOUNT POLICIES\PASSWORD POLICIES are set that way:

Enforce Password History: 0 passwords remembered
Maximum Password Age: 0
Minimum password age: 0 days
Minimum password length: 0 characters
password must meet complexity requirements: Disabled
store password using reversible encryption for all users in the domain: Disabled

When a try to reset some user password, or create a new user with "123" password, for exmaple, I receive the message: "Windows cannot complete the password change for %username% because: The password does not meet the password policy requirements. Check the minimum pawword length, password complexity and password history requirements"...

The Event Viewer shows something like this:
Logon Failure:
Reason: The specified account's password has expired
User Name: USERNAME
Domain:
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: \\HOSTNAME

Please, does anybody can help me???

Thanks.



Renato Oliveira
 
B

Buz [MSFT]

Here are a few ideas on this:

1. Check the following registry entry, looking for a password filter (not just
passfilt.dll any password filter)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages

2. 269236 Changes Are Not Applied When You Change the Password Policy
http://support.microsoft.com/?id=269236

3.Password polices are not applied in the same fashion as other settings in the GPO.
Domain controllers pull some security settings only from group policy objects
linked to the root of the domain. These settings must be the same for all users
through out the domain and can not be blocked for any user.


4. Are you running the DSCLIENT for WIndows 9x? If you are be sure you have the latest version available.

Buz Brodin
MCSE NT4 / Win2K
Microsoft Enterprise Domain Support

Get Secure! - www.microsoft.com/security

This posting is provided "as is" with no warranties and confers no rights.

Please do not send e-mail directly to this alias. This alias is for newsgroup purposes only.


Other detail: My clients are Windows98.

Thakns again.

Renato
Hi.

I have a big problem here: My system is Windows2000Server SP3, and all Group Policies rules, when I look at LOCAL POLICY (or another)\COMPUTER CONFIGURATION\WINDOWS SETTINGS\SECURITY SETTINGS\ACCOUNT POLICIES\PASSWORD POLICIES are set that way:

Enforce Password History: 0 passwords remembered
Maximum Password Age: 0
Minimum password age: 0 days
Minimum password length: 0 characters
password must meet complexity requirements: Disabled
store password using reversible encryption for all users in the domain: Disabled

When a try to reset some user password, or create a new user with "123" password, for exmaple, I receive the message: "Windows cannot complete the password change for %username% because: The password does not meet the password policy requirements. Check the minimum pawword length, password complexity and password history requirements"...

The Event Viewer shows something like this:
Logon Failure:
Reason: The specified account's password has expired
User Name: USERNAME
Domain:
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: \\HOSTNAME

Please, does anybody can help me???

Thanks.



Renato Oliveira
 
R

Renato Oliveira

Other detail: My clients are Windows98.

Thakns again.

Renato
Hi.

I have a big problem here: My system is Windows2000Server SP3, and all Group Policies rules, when I look at LOCAL POLICY (or another)\COMPUTER CONFIGURATION\WINDOWS SETTINGS\SECURITY SETTINGS\ACCOUNT POLICIES\PASSWORD POLICIES are set that way:

Enforce Password History: 0 passwords remembered
Maximum Password Age: 0
Minimum password age: 0 days
Minimum password length: 0 characters
password must meet complexity requirements: Disabled
store password using reversible encryption for all users in the domain: Disabled

When a try to reset some user password, or create a new user with "123" password, for exmaple, I receive the message: "Windows cannot complete the password change for %username% because: The password does not meet the password policy requirements. Check the minimum pawword length, password complexity and password history requirements"...

The Event Viewer shows something like this:
Logon Failure:
Reason: The specified account's password has expired
User Name: USERNAME
Domain:
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: \\HOSTNAME

Please, does anybody can help me???

Thanks.



Renato Oliveira
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Group Policy Not Being Applied?? 11
Password Policy not working properly 2
Do my account policies really work ? 4
Security Settings for Password Policy and User properties 6
Password Change 2
Password Complexity Policy 1
Password policy settings not applied to clients 3
Enable Password Policy question 1

Top