0

We have 3 Domain Controllers. DC1( Central DC) , DC2 (ADC) , DC3 (ADC)

FSMO roles are shown below

Schema master -DC1 Domain naming master -DC1 PDC -DC3 RID pool manager -DC3 Infrastructure master -DC2

We can password reset and also can create new user in AD (DC2). DC2 server is working fine. The OS version of the working server is windows server 2016.

But we cannot do these things with these 2 servers.(DC1, DC3) When we going to reset user's password , going to create a new user , below error is happening.

Windows cannot complete the password change for __ because: The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.

The OS version of the working (DC1, DC3) server is Microsoft Hyper V server 2019.

The same password policy is configured for these 3 servers.

Enforce password history 5 passwords remembered Maximum password age 45 days Minimum password age 0 Days Minimum password length 8 characters Minimum password length audit Not Defined Password must meet complexity requirements Enabled Store passwords using reversible encryption Disabled

I want to fix this issue. Could you please help me ?

Thanks

Improve this question
1
  • The first thing to check is replication. Is it working correctly? Commented Sep 25, 2022 at 11:18

1 Answer 1

Reset to default
0 
Windows cannot complete the password change for __ because: The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.

There is probably a group policy in place which enforces a complex password. With gpresult /v and a RSOP query you should see which policy. https://activedirectorypro.com/how-to-configure-a-domain-password-policy/

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.