User's can't change password

M

MadDog

This is strange. Starting yesterday, we've had users whose passwords have
expired try to change their passwords, but they can't. We have a password
complexity requirement and when the users try to change their password, the
change fails and the complexity requirement dialog box is displayed. I've
verified that the complexity issue has indeed been met. We have a test user
and I've verified that I cannot change the password. This user's password
was NOT close to expiring. On our FSMO role holder, I've run NETDIAG and
DCDIAG and both run clean with no errors. EventViewer looks clean too. No
replication problems (replmon).....No Group Policy problems (no errors in
logs).

We have had problems for a while with user accounts getting locked out
several times a day and have been unable to pinpoint the cause. It was
random and effected different users for a period of time, then 'moved on' to
different users.

The environment is as follows:

Windows 2003 servers (fully patched) Mixed mode, 14 locations, DCs in each
location, each DC is a GC server
XP & Windows 2000 Clients (fully patched)

Any thoughts would be appreciated,
Chris
 
M

MadDog

MadDog said:
This is strange. Starting yesterday, we've had users whose passwords have
expired try to change their passwords, but they can't. We have a password
complexity requirement and when the users try to change their password,
the change fails and the complexity requirement dialog box is displayed.
I've verified that the complexity issue has indeed been met. We have a
test user and I've verified that I cannot change the password. This user's
password was NOT close to expiring. On our FSMO role holder, I've run
NETDIAG and DCDIAG and both run clean with no errors. EventViewer looks
clean too. No replication problems (replmon).....No Group Policy problems
(no errors in logs).

We have had problems for a while with user accounts getting locked out
several times a day and have been unable to pinpoint the cause. It was
random and effected different users for a period of time, then 'moved on'
to different users.

The environment is as follows:

Windows 2003 servers (fully patched) Mixed mode, 14 locations, DCs in each
location, each DC is a GC server
XP & Windows 2000 Clients (fully patched)

Any thoughts would be appreciated,
Chris
Click to expand...

UPDATE:

I found a KB article, that didn't exactly apply to this situation, but gave
it a shot. http://support.microsoft.com/?kbid=273004. It has worked on our
test user, but will wait to see if it works with others.

Now the difference for us is that we did have this policy defined: 2 days.
I've changed the minimum password age policy from 2 days to the kb article's
recommendation of 0 days. I'll post back any results.
 
M

MadDog

MadDog said:
UPDATE:

I found a KB article, that didn't exactly apply to this situation, but
gave
it a shot. http://support.microsoft.com/?kbid=273004. It has worked on our
test user, but will wait to see if it works with others.

Now the difference for us is that we did have this policy defined: 2 days.
I've changed the minimum password age policy from 2 days to the kb
article's
recommendation of 0 days. I'll post back any results.
Click to expand...
Changing to 0 days has seemed to solve the issue.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

User can't change password 3
Problem with password expirations 1
Password Policy not working properly 2
Password Changing 1
Password Complexity Requirement question 2
Password Complexity question (Group Policy) 1
Password policy not enforced 1
Administrator can't change password! 3

Top