We created a Default Domain policy at domain root level that enforced complex passwords for all our users. We then decided for various reasons that we wanted our users to be allowed once again to use simple passwords, so we disabled 'Passwords must meet complexity requirements' in Computer Configuration/Windows settings/Security settings/Account policies/Password policy. All other policies in this area are 'Undefined'.
The problem is that when we as Admins attempt to change a user's password (to a simple password) in AD, we get the message that 'the password does not meet password policy requirements - check the complexity, minimum password length and history requirements'. This does not make sense to me, as there is now no password policy set at any level in the Domain. Any ideas?
I've seen this where you may have to manually reset each users' account within Active Directory Users and Computers. There might be a quicker way; but when this happened to me, this is what I (painfully) had to do.
Additional Expert Help:
Be sure to check our Answer FAQ for more expert advice.
For faster answers, visit ITKnowledge Exchange.