|Subject:||Change password for users with blank password: Error|
|Posted by:||Gross, Michael (michael.gro…@mdm.de)|
|Date:||Thu, 05 Jun 2008|
we've got several users in our AD (2003) who have blank passwords (because
of historical reasons). We're now planning to implement a password policy
so that all users need to have a password with at least 8 characters.
For testing purposes I've created the following password policy in my test
AD (in the domain group policy object):
Enforce password history 0 passwords remembered
Maximum password age 0
Minimum password age 0 days
Minimum password lenght 8 characters
Password must meet complexity requirements Disabled
Store passwords using reversible encryption Disabled
After performing a gpupdate / force on the DC I tried to set the option
User must change password at next logon
for the users that have a blank password. Unfortunately this does not
seem to work as I am receiving the following message:
The following Active Directory error occured: Unable to update
the password. The value provided for the new password does not
meet the length, complexity, or history requirement of the
This message does not appear for users who already have a password.
I actually don't understand the message "Unable to update password"
as I don't update password but only want to set the option that the
user needs to change it!
Do you know what might be wrong here? I'm looking for a way to force
a password change for all users with blank passwords that meets the
new password policy.
Any suggestions are highly appreciated.