-
Título
Error: This new password does not meet domain's password policy requirements -
Descrição
When trying to change a password for a Active Directory User within a QAS client. The following message is displayed:
This new password does not meet your domain's password policy requirements, Contact your Administrator for information on the minimum password length,
password complexity, and password history requirements. passwd: Authentication token manipulation error -
Causa
This error comes straight from Active Directory.
-
Resolução
The password policy that is mentioned in that reply is the policy set in Active Directory.WORKAROUND 1:
This can be checked by running the Domain Security Policy on your domain controller:
Start | Programs | Administrative Tools | Domain Security Policy
Once this opens, Expand
Account Policies | Password Policy
Here it will show you what is defined. The AD users will have to adhere to these rules.
WORKAROUND 2:To check the policy for the QAS client use the vastool info adsecurity command.
Here is an example of the command and the output:
-bash-3.00# /opt/quest/bin/vastool -u administrator info adsecurity
Password for administrator@I.TS.HAL.CA.QSFT:
Password policies for domain i.ts.hal.ca.qsftDefault Domain Password Policy
________________________________________________________________________________
Enforce password history : 24 passwords remembered
Maximum password age : 42d:0h:0m:0s
Minimum password age : 1d:0h:0m:0s
Minimum password length : 4 characters
Password must meet complexity requirements : FALSE
Store password using reversible encryption : FALSEAccount Lockout Policy:
Account lockout duration : 0d:0h:30m:0s
Account lockout threshold : 2 invalid logon attempts
Reset account lockout counter after : 0d:0h:30m:0s
________________________________________________________________________________