Roger,
can you expand on your last paragraph a bit ? We're going to be turning on
a password filter with more rigid complexity requirements before too long.
Does this mean that everyone whose current password doesn't meet the new rules
will be unable to change their password the first time ? The help desk is
going to love that...
Dave
-----Original Message-----
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 19, 2003 6:47 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Force password length problemA few things come to mind. First, did you allow enough time for replication to propagate to all domain controllers? Did you force a policy refresh on the client?Also, how did you force reset the password? Keep in mind that password changes made through ADU&C are not required to conform to the domain policies. Therefore, even with a strong password policy, an admin can set a user's password to 'password' without a problem.I've also seen issues where enforced complexity forces downlevel clients to not be able to change their passwords unless the previous password also met the complexity requirements.Roger--------------------------------------------------------------
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.-----Original Message-----
From: Gasper, Rick [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 18, 2003 4:25 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Force password length problemHi all,
I am using GPOs to force a password length of 5 characters. I force a password reset and my test account is allowed a password of zero length (blank). I checked TechNet and didn't find anything. If I don't enter the new password correctly the message I get states that I need to use a password of zero or more characters.All the other options I want to use work, i.e.: remember the 5 previous etc...
Anyone have any ideas?
Rick Gasper <><
Manager of Network Services
King's College
Wilkes-Barre PA 18711
Phone: 570-208-5845
Fax: 570-208-5989
[EMAIL PROTECTED]
