Users unable to reset password after password expiry.

[Sudeep]

We have Windows 2003 based single domain Active directory.
We have configured in Group Policy- Computer Policy--Password Policy--Max
Password Age = 30 days.

However after 35-40 days users are not able to change their password and
have to request the Administrator to reset the password.

Is there a workaround to allow users to change the password after the
expiration.

regards,

Sudeep

 

[Harj]

Hi,

What other settings do you have defined within your Default Domain
Policy. i.e history, complexity, minimum age...?
When you run the command net accounts on a client machine to see what
settings are applied on the user machine?
Are there any error messages the user gets?

Harj Singh
Password Policy done right
www.specopssoft.com

 

[Roger Abell [MVP]]

Are you using a notification period that is sufficiently long, so that users
get nagged sufficiently that they eventually give in and change their pwd
before it has expired? An expired pwd is just that, expired, and will
require empowered intervention.