[Solved] unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain

Few days back one of my client called me saying that, domain users cannot change their password when they required. Every time they try to change the password, they have been facing issue like below snapshot.

unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.”

change-password

On the beginning analysis, I thought the user haven’t provide the new password that meets the requirement of the policy. So, tried with something complex which include Alphanumeric character with symbols. Even providing the most complex password, error has been appearing same for me too. As the error, has been prompting, I tried to check the event viewer if I could find some error regarding this. But no luck. After that I went to check the password policy for the domain controller, if there was something wrong on it. Looking over the password policy I found it good and as expected on below snapshot. Now the problem is why the heck, I cannot change password for the user. And during all these times strange thing was, Administrator (Domain Administrator) was able to reset the user password and if there is check on ‘change password on next logon’ user was able to change their password.

password-policy

Now the thing is, what could be the issue???? I was stuck here… Suddenly, I thought of checking the domain DCDIAG all the domain controller on the environment. And that was luck… :D, I found the error of DFSR and KCC on one of Domain controller as of below.

 

Starting test: DFSREvent

         The event log DFS Replication on server Domain fqdn

         could not be queried, error 0x6ba “The RPC server is unavailable.”

         ……………………. Domain Fqdn failed test DFSREvent

      Starting test: SysVolCheck

         ……………………. DOMAIN FQDN passed test SysVolCheck

      Starting test: KccEvent

         The event log Directory Service on server DOMAIN FQDN

         could not be queried, error 0x6ba “The RPC server is unavailable.”

         ……………………. DOMAIN FQDN failed test KccEvent

 

So, I tried with fixing the error I have been getting on. Since that Domain Controller was on the DR site, I found some port were missing on the firewall side to communicate. There I added those ports and established the proper replication across all the domain controller.

 

Bingo… it worked… so culprit was the replication issue. It seems weird, but occurred to me. J Hope this is helpful to you all.

One Comment

Add a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.