-
Title
Password Manager Password Policies should match Active Directory Password Policies -
Description
Password Manager password minimum length policy was set as '8'.
When end user wanted to set a new password of 8 characters, PM end user site shows password requirement met:
but after clicking Next "Your Password does not comply with configured password polices" error message was shown:
-
Cause
Active Directory linked to Password Manager had minimum password length set as '10' in Domain password policy.
This does not match the minimum password length policy setting of '8' in Password manager.
-
Resolution
Password Manager Password Policies should match Active Directory's Password Policies.
Reason is Password Manager works in conjunction with Native Windows security policies, and the more restrictive of the two will be enforced.
In this case password minimum length of 10 set in the Active Directory is more restrictive. Hence the policy in Active Directory is enforced instead of the one set in Password manager (e.g. minimum password length of 8).
To avoid future confusion, it is recommended to match password polices on both the Password Manager and the Native Active Directory.