Last post Apr 12, 2007 06:01 AM by mreijn
Apr 11, 2007 08:19 AM|esexon|LINK
I have disabled password complexity within my AD GPO but my users still get prompted for complex passwords within my control panel (EAF)
Is this controlled somewhere within MPS?
Apr 11, 2007 09:37 AM|Steve@Planet|LINK
This isn't an EAF issue.
If you run a traceview on the MPS server you should see that the error is being raised from the "Active Directory Provider::User Set Password" procedure.
Is this the case?
Apr 11, 2007 09:49 AM|Steve@Planet|LINK
Just a quick thought, after modifying the Policy on AD01 did you run:
Apr 12, 2007 05:28 AM|esexon|LINK
gupdate was run when I first turned off password complexity weeks ago.
The ad boxes have been rebooted since this time too.
I have run traceview on the MPS server and the error has been raised from the "Active Directory Provider::User Set Password" procedure.
Is there a possiblity that this is being set somewhere in MPS?
Apr 12, 2007 05:51 AM|Steve@Planet|LINK
No, MPS does not cache this.
The only way I can replicate what you're seeing is if I do not run:
after I modify the GPO.
The error is being raised by the User Set Password function in the Active Directory Provider. Alas, I have no real idea what is going on inside this function.
Can you run gpupdate again?
I am assuming you have tried this, but just making sure.
Apr 12, 2007 06:01 AM|mreijn|LINK
Have you changed the "Default Domain Policy"? Because that one must be set, other GPO's will be overwritten. When you change the Password Policy, this will be set Domain level wide.
You must run gpupdate /force on the MPS engine, did you check with gpresult when the latest "Default Domain Policy" was applied?