Hello, so you have the password policy configured on domain level only? If you run rsop.msc logged on as a user you see the applied GPO? Are all machines in the domain using only the domain DNS servers on the NIC? Are they all in the same AD site located or in different ones? If this only belongs to some users they will not fullfill the requirements for the settings. Please check here about the needs: http://technet.microsoft.com/en-us/library/cc786468(WS.10).aspxBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

I am running into a strange problem since turning on the complexity requirements for AD passwords. I have a hand full of users that no matter what they try to enter for their password it tells them it does not meet complexity requirements. I am able to take the same password they are trying to enter and go to AD and reset the password that way. There is no common thread between these users accounts they are not all in the same container, and at the same time there is nothing different about there accounts from other users who do not have this problem. Has anyone seen this issue before or know of any bug or anything like that with AD that would cause these users not to be able to reset their passwords? Thanks for any help

The password policy is configured at the domain level. The applied GPO does show when I run rsop logged in as the user All machines are only using domain DNS servers They are all in the same site but not in the same OUs

Hi, Each domain can have only one Account policy. The Account policy must be defined in the Default Domain Policy or in a new policy that is linked to the root of the domain and given precedence over the Default Domain Policy, which is enforced by the domain controllers in the domain. According to your description, it seems that the accournt policy was defined in a new GPO (not Default Domain Policy) that was linked to the domain level, if so, you need to check whether you gave precedence over the default domain policy. Domain Level Account Policies http://technet.microsoft.com/en-us/library/cc748850(WS.10).aspx If the issue persists, please check the following KB. Users Receive a Password Complexity Requirements Message That Does Not Specify Character Group Requirements for a Password http://support.microsoft.com/kb/821425 You receive a warning message that does not correctly describe the password requirements when you set a new password that does not meet the requirements in Windows Server 2003 http://support.microsoft.com/kb/931310 BrentPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Suggest you find some AD password recovery software to help you solve your AD password problem. Such as: Windows Password Recovery Corporation It is designed to reset password for Windows Server Active Directory(AD). How to Reset Windows Password with USB?

Suggest you find some AD password recovery software to help you solve your AD password problem. Hello Calio, please describe why you post here links to tools taht will not help the OP to solve the problem. This way it seems to be just SPAM.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.