Hello I have a couple of users who are on Windows 7 Ultimate that are attached to our Windows 2003domain.I am having trouble when their passwords expire or just when they try to change their password, when they log in they receive the normal your password has expired or is about to expire, so they try and change it and they get an error that the new password does not meet minimum requirements.Now I know for certain that the new password they are trying meets our domains minimum requirements, so is there a setting in WOndows 7 that needs changing locally?

Hi Dean132, Could you please check if the following KB can help you?Users Receive a Password Complexity Requirements Message That Does Not Specify Character Group Requirements for a Password"The Password Cannot Be Changed at This Time" Error Message When You Try to Change a User's PasswordThanks.

Thanks for your reply.The first KB article shows the error I am getting but I know that users are definitely meeting the requirements.Also Windows 7 is not on the list of affected OS'

Hi Dean132, Could you please create a new Test OU on the server without Group Policy and put Windows7 computers in this new OU?We can checkwhether the computersare affected by Domain policyor not. Hope it helps. Thanks.

I'm having a similar problem. I've got a new windows 7 user on a 2003 domain who cannot update his password as it 'doesn't satisfy complexity requirements'. I've tested it myself with a password that certainly does satisfy the requirements but receives the same error. The computer is in contact with the domain controller and the user isn't locked out. Policy is being applied to the computer/user. Is this a known issue or is there a fix?

How to Troubleshoot Active Directory Password Policy Settings http://www.anitkb.com/2010/08/how-to-troubleshoot-active-directory.html "The password does not meet the password policy requirements. Check the minimum password legth, password complexity and password history requirements." One thing that most people forget is that when complexity is enabled, the password cannot contain the user's entire Account Name or entire Full Name. The Account Name and Full Name are parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the Account Name or Full Name are split and all sections are verified not to be included in the password. There is no check for any single character or any three characters in succession. Visit: anITKB.com, an IT Knowledge Base.

I am having this issue with a 2008 environment. I have had to reset the password in AD to give him access and now he cannot change his password. I have tried myself with extremely long, complex passwords but it will not take it. Any suggestions?

I tried logging into a 2003 box and saw that it's error said that the minimum age of the password is 30 days even though the policy is set to 0 days.

Just FYI, I was having this same issue. After much wrangling and searching, I found a post that explained you cannot have group policy password policies applied by OU's -- there must be only one password policy applied, and it must be applied at the domain level. After I cleaned up my Group Policy so that I only had a single password policy, applied to the root of my domain, my users were able to change their passwords again. Hope this helps! -pete

Hello Peter, Just for clarification...It is technically possible to have more than one password policy linked in the domain. However, when targetting DOMAIN USERS, you can only have ONE domain password policy, and it MUST be linked to the domain object. If you have a GPO with Policy settings linked to an OU, the policy is valid, but it will not apply to the user objects stored in that OU. Password Policies are stored within the Computer Configuration of a GPO. Therefore, a password policy would be applied to computer objects. If you link it to an OU, the local accounts defined on the computers within the OU will be affected. Now with AD 2008, you can also create Fine Grained Password Policies which supplement the domain password policy and you are able to target users and groups. How to Implement an Active Directory Password Policy http://www.anitkb.com/2010/03/how-to-implement-active-directory.html How to Troubleshoot Active Directory Password Policy Settings http://www.anitkb.com/2010/08/how-to-troubleshoot-active-directory.html Visit: anITKB.com, an IT Knowledge Base.

Password Policies are set on computer objects however, in a domain, passwords are not managed by the local computer but rather by the DOMAIN CONTROLLER and therefore you need change the settings in a policy that will be applied to the DOMAIN CONTROLLERS. This worked for me. -Jimmy

@Jimmy, I am not sure if you understood my last posting based on your response. Let me clarify for the benfit of everyone reading this thread...Password Policies are not really user based policies. If you look at a GPO, you'll notice that password policies are contained in the computer configuration section. The GPO containing the password policies, MUST be linked to the domain object level. Domain Controllers (which are computers) read this policy and apply the settings to domain user objects. If you were to apply a GPO containing password policies at the OU level, the computers within the OU will read from this policy, and apply the policy to any local user accounts stored on those systems. I hope this helps clarify my posting. Visit: anITKB.com, an IT Knowledge Base.

Changing your password in Windows 7 is very easy. Follow the easy steps below to change your Windows 7 password: 1.Click on Start and then Control Panel. 2.Click on the User Accounts and Family Safety link. Note: If you're viewing the Large icons or Small icons view of Control Panel, you won't see this link. Simply click on the User Accounts icon and proceed to Step 4. 3.Click on the User Accounts link. 4.In the Make changes to your user account area of the User Accounts window, click the Change your password link. 5.In the first text box, enter your current password. 6.In the next two text boxes, enter the password you would like to start using. Entering the password twice helps to make sure that you typed your new password correctly. 7.In the final text box, you're asked to Type a password hint. This step is optional but I highly recommend that you use it. If you try logging in to Windows 7 but enter the wrong password, this hint will display, hopefully jogging your memory. 8.Click on the Change password button to confirm your changes. 9.You can now close the User Accounts window. 10.Now that your Windows 7 password has been changed, you must use your new password to log on to Windows 7 from this point forward. 11.Create a Windows 7 password reset disk. While not a required part of changing your password, I highly recommend that you do this. Here to know more: http://www.windows7password-lndsmth04.blogspot.com