Posted on 07-17-2017 04:48 AM
Hi All,
Has anyone seen the case when a user tries to reset their Active Directory password through system preferences and have it return the error that the password doesn't meet complexity requirements? The passwords entered meet the complexity requirements...
Posted on 07-17-2017 05:47 AM
@robiso22 Might fall under a "cannot change in 24hours" rule?
Posted on 07-17-2017 07:36 AM
The only time I seen it, is if it doesn't meet the password length, it's been used before, or the complexity requires a special character. @robiso22 .. It's using the rules currently set for AD
Posted on 07-17-2017 08:41 AM
Seen it a few times and it was because the machine fell off the domain. Perhaps look into using Apple Enterprise Connect instead? It forces the keychain to stay in Sync too. Speak to your Apple Business rep...
Posted on 07-17-2017 01:41 PM
My guess is the cooldown. A user here can't change their password within 3 days of the last change. It gives the same complexity message, which is misleading.
Posted on 07-17-2017 04:06 PM
Is the clock skewed?
Posted on 07-18-2017 12:41 AM
I used to get this regularly, it was just caused but the machine dropping off the domain. It wouldn't show that it had dropped off the domain, but all the symptoms were there and a re-bind made the issues go away.