Password Change

D

dino.kyprianou

We are operating Windows 2003 Server with XP Clients. We have set a
group policy that states clients should:-

Password History = 12 remembered
Max Age = 90 days
Min Age = 30 days
Min Length = 6 characters
Complexity Requirements = enabled

However none of clients are able to change their passwords when they
need to. On the day of expiry they can change it then but not before.

Has anyone got a solution for this or any suggestions?
 
S

Steven L Umbach

Try running the command net user username for one of the users to see what
is shows for "password changeable" date to see if it is what you expect. I
would also enable auditing of account management in Domain Controller
Security Policy and then look in the security logs to see if there is a
failure recorded for password change for a user and the reason why. You
might want to reduce your minimum password age to a few days as in my
opinion thirty days is way to long. A user should be able to change their
password if they feel the need to. Setting it at a couple days will usually
dissuade most users from cycling through passwords. --- Steve
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows 2003 Password 2
Password Policy not working properly 2
Security Settings for Password Policy and User properties 6
Need Password Policy Help 3
Password Policy - GPO - Win2K3 1
Enable Password Policy question 1
Group Policy Not Being Applied?? 11
Password Change 2

Top