Reset password problem

[IndyCoder]

I have a windows 2000 native domain running windows 2003 server sp2. Recently I have heard that our users are having trouble changing their passwords. When the help desk resets a password and then checks the box to have the user change at next logon they can not. The users get the complexity requirements message and we have verified that it does meet the requirements by entering it for them. The only thing I am stuck on at this point is t seems that if we uncheck the force user to change password at next logon they can logon with the password it has been reset to.

I am wondering if the minimum days of 2 in the password policy is affected by administratively resetting the password through ADUC.

Any help would be appreciated.
Thanks
-john

 

[Davetoo]

No, an admin reset with the requirement to change at next login is not stopped by a minimum password age.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

 

[lhuegele]

The complexity checks aren't done when you reset a password from AD, and more than likely your users are trying to enter simple passwords or the same password they used before.

Check your global policy and make sure the password complexity settings are how you want them to be.

We don't allow anyone to use any of the same 5 last passwords, and they must have at least 8 characters, and also contain at least 1 number and 1 special character (such as the shift-numbers !@#$% etc.)

Good luck.