Password Policy 2

[maximusimo]

Hi,

Small Business Server 2003

I have a Domain Password Policy set up within Group Policy Management:

http://i83.photobucket.com/albums/j300/maximusimo/GPPM.png

I am having problems with it though when it comes to the time when users have to change their passwords. It keeps bringing up the dialog box telling them their new password does not meet complexity requirements. Now the problem is that they do, no matter what they try it does not work. Although when i go into the users' properties within Active Directory and check 'User must change password on next logon' in the Account tab they can change their password.

Any ideas?

 

[elmurado]

I think it's because you have the min password age set to 90 and the max to 91.
My min is 1 and my max is 45.
That means they cannot change the password themselves until one day has elapsed since they last changed it. Yours means until 90 days have elasped.
HTH

 

[58sniper]

Elmurado is correct (and I've given him a star for it).

I don't recommend you set a minimum password age very low if you are restricting how often they can reuse passwords. For example, if you say they can't use the last 10 passwords, but set to minimum password age, they could change the password 10 times, and be back at their original password.

Set the minimum to something like 10 days, and the max to 90 days.

Pat Richard
Microsoft Exchange MVP
Contributing author Microsoft Exchange Server 2007: The Complete Reference

 

[elmurado]

Thanks Pat.

 

[maximusimo]

Thanks alot guys.