Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain

active-directory adfs windows-server-2012-r2 password-policy

Although I change the minimum password age in the password policy but I still had to change the minimum password age to 0:00:00 in the ADSI Editor for the DC i'm in.

@JimB and @Craig620, your help is greatly appreciated.


Domain controllers ignore password, lockout, or Kerberos policy settings defined at an organizational unit, such as the Domain Controllers OU.

You should define legacy password policies in the Default Domain Policy or another top-level GPO.

As a test I created password policy settings in both the Default Domain Policy and Default Domain Controllers Policy. See the Winning GPO:

enter image description here

Reference:

https://technet.microsoft.com/en-us/library/cc756064%28v=ws.10%29.aspx

Related

“Disable machine account password changes” Group Policy setting - when should it be enabled?
Keeping track of SSH private keys without comments
Block RSA authentication when password is expired
Expect script too fast: add a sleep between each line read from a file
Hadoop - Name Node and Data Node on the same machine
How to automate RFC2307 attributes in Active Directory?
How to tell when a managed service account password last changed
Is it possible to change the SSL binding order in IIS?
Solr Search - java.util.Map$Entry cannot be resolved
Windows 2012 DNS server phase out
How do I use busybox and ftpd to get access to my embedded system
Remove Cached UNC URL Credentials Win 10/Server 2012