Having upgraded our AD to 2003 and installed two new DCs, users can no longer change their passwords. When they try they just get the following message: "Your password must be at least 6 characters, cannot repeat any of your previous 5 passwords and must be at least 21 days old. Please type a different password. Type a password which meets these requirements in both text boxes." The problem is that the password doesn't meet the requirements. What's going on? They were before.
The default password policy for a Windows 2003 domain is different. If you do not want the default password policy then you must reset it in the Password Policy section of the Default Domain Group Policy (you can access this from the Administrative Tools program on the domain controller). The policy must replicate to all DCs in the domain before the users will be able to use the new policy.
However, I would ask you to review your password policy needs. A more restrictive password policy can protect your...
Dig Deeper on Windows 10 security and management
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.