Minimum Password age set to 0

[Steven Bellamy]

Hi,

I'm having endless problems trying to get AD policies to change "Minimum
Password Age to" to Zero. Previously it was set to 8 days, and that
setting does not want to change.
I've modified the policy for the user accounts and set "Minimum Password
Age to" to Zero, run "secedit /refreshpolicy machine_policy /enforce" on
AD controllers, workstations, and even re-booted both AD controllers,
but still no change.
I keep getting the error "Your Windows password is less than the minimum
password age".

Current settings:
Enforce password history: 10
Maximum password age: 30
Minimum password age: 0
Minimum password length: 8

Any suggestions, as this is getting quite urgent.

Thanks

 

[Steven Bellamy]

Problem solved.
I typed "net accounts" at a console prompt on an AD controller and the
policies were set to the default...
I then used net accounts /MINPWAGE:0 ... to change the policies on the
domain controller.

What am I missing, as I've changed the settings in the default domain
policy (and the policy assigned to the Domain Controller container), as
well as changed the settings in "Domain Controller Security Policies"...

Thanks

 

[Rebecca Chen [MSFT]]

Hi Steven,

Great experience sharing!

Best regards,

Rebecca Chen

MCSE2000 MCDBA CCNA


Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.