Administrator resetting password

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a problem with an application that executes on the admin ID for resetting the password in AD...which I discovered was not working...so I tested the access rights with the AD Users and Computers console and tried a reset with the admin ID there too by right-clicking the user....nothing doing there either. Times out with an error that tells me there might be a password history, complexity or minimum length problem. I have made NO changes to the Policies....any ideas ?
 
Check your domain password policy in the Domain Security Policy or if you have more
than one GPO for the domain check the highest GPO in the domain in the list. You can
use "net accounts" on a domain controller to see what your account policy is other
than complexity. If you don't want complexity enabled make sure it is disabled and
not undefined. You do not want any undefined settings in you account policies. ---
Steve


RB said:
I have a problem with an application that executes on the admin ID for resetting
Click to expand...
the password in AD...which I discovered was not working...so I tested the access
rights with the AD Users and Computers console and tried a reset with the admin ID
there too by right-clicking the user....nothing doing there either. Times out with an
error that tells me there might be a password history, complexity or minimum length
problem. I have made NO changes to the Policies....any ideas ?
 
Hi Steven...
I did as you suggested and removed all the 'Undefined' settings in the GPO for the Account Policy at the Domain level....no change :-(
I have looked into the GPO for the DC also and taken all the Undefined settings out too but that had no influence either. Is there a document witha list of all the defaults that I can reset from the start since I don't think there is a way to reset everything back to default until 2003.
The most confusing part about this is that it just came out of nowhere and I still cannot reset the users password with a right click...Reset Password !
Thanks...Richard
 
microsoft.public.win2000.security news group, =?Utf-8?B?UkI=?=
since I don't think there is a way to reset everything back to default until 2003.
Click to expand...

Search Help and Support for DCGPOFIX.
 
Thanks Paul...but that file does not ship with the Windows 2000 Advanced Server.
Any other suggestions ?
 
microsoft.public.win2000.security news group, =?Utf-8?B?UkI=?=
Thanks Paul...but that file does not ship with the Windows 2000 Advanced Server.
Any other suggestions ?
Click to expand...

Sorry, I missed the "until 2003".

Search the KB for reset GPO...
 
I applied the reset GPO for the Security Settings and the User Rights and now I am locked out completely.
There was a large discrepancy between what was in the gpttmpl.inf file and the recommended settings in the documents. The secedit tool worked fine but has now locked out the Administrator.
What now ?
 
The other thing to check would have been that block inheritance is not set on the
Domain Controller Security Policy and to look in Event Viewer for any pertinent error
messages. The KB below lists default account policy settings for the domain. The
easiest way to implement would be to manually enter the settings in the domain
policy. A zero would indicate a disabled setting. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q269236
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q226243&

RB said:
Hi Steven...
I did as you suggested and removed all the 'Undefined' settings in the GPO for the
Click to expand...
Account Policy at the Domain level....no change :-(
I have looked into the GPO for the DC also and taken all the Undefined settings out
Click to expand...
too but that had no influence either. Is there a document witha list of all the
defaults that I can reset from the start since I don't think there is a way to reset
everything back to default until 2003.
The most confusing part about this is that it just came out of nowhere and I still
Click to expand...
cannot reset the users password with a right click...Reset Password !
 
Back
Top