Article ID: 273004 - View products that this article applies to.
This article was previously published under Q273004
When you try to change a user's password, you may receive the following error message:
This error can occur when the user is logged on to a client or to the server's console.
The password cannot be changed at this time.
When you reset passwords on an account by using the Active Directory Users and Computers snap-in, you may receive the following error message:
Windows can not complete the password change for user name because:
The password does not meet the password policy requirements. Check the minimum password length, password complexity, and password history requirements.
This behavior may occur if the Group Policy object for the user's organizational unit has the Minimum Password Age setting configured as Not Defined. The Default Domain Group Policy object is the default configuration container for users.
To resolve this behavior, configure the Minimum Password Age policy setting to 0 days. To do this, define the policy setting, and then configure it. The policy settings should be configured in the Default Domain Group Policy object for users.
To configure the policy setting, follow these steps:
secedit /refreshpolicy machine_policy /enforceYou may have to restart the domain controller for this policy to be updated.
If no Minimum Password Age setting is wanted, administrators may mistakenly configure this policy setting to "Not Defined". If this policy setting is not defined in Default Domain Policy, password changes cannot occur.
You can obtain more information about Group Policy for Microsoft Windows 2000 from the following locations:
Article ID: 273004 - Last Review: March 1, 2007 - Revision: 7.4