Microsoft KB Archive/925240

= You receive a warning message that does not correctly describe the password requirements when you set a new password that does not meet the requirements in Windows Server 2003 =

Article ID: 925240

Article Last Modified on 10/11/2007

-

APPLIES TO


 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition
 * Microsoft Windows Server 2003, Web Edition
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard x64 Edition
 * Microsoft Windows Server 2003, Enterprise x64 Edition
 * Microsoft Windows Server 2003, Datacenter x64 Edition
 * Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
 * Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems

-



SYMPTOMS
Consider the following scenario.
 * A Microsoft Windows Server 2003-based domain hosts users.
 * Another Windows Server 2003-based domain hosts computers.
 * The password expires on a computer that is running Windows Server 2003.
 * You set a new password that does not meet the complexity requirements of the domain that hosts users.

In this scenario, you receive a warning message that does not correctly describe the password requirements. Instead, you receive a warning message that resembles the following:

The password supplied does not meet the minimum complexity requirements. Please select another password that meets all of the following criteria: is at least 0 characters; has not been used in the previous 0 passwords; must not have been changed within the last 0 days; does not contain your account or full name; contains at least three of the following four character groups: English uppercase characters (A through Z); English lowercase characters (a through z); Numerals (0 through 9); Non-alphabetic characters (such as !, $, #, %).

In this warning message, all the numbers in the password requirements are zeros.



CAUSE
This problem occurs because the computer cannot retrieve the password requirements in an anonymous session.

After a user's password expires, the computer can use computer information to create sessions only with the domain controller that hosts the user. In this case, Kerberos authentication fails if the target domain is not in the list of Domain Name System (DNS) suffixes to search. Therefore, the computer uses an anonymous session. In an anonymous session, the computer cannot retrieve the password requirements when the password change fails.



RESOLUTION
This update has been superseded by a newer update. For more information about the newer update, click the following article number to view the article in the Microsoft Knowledge Base:

931310 You receive a warning message that does not correctly describe the password requirements when you set a new password that does not meet the requirements in Windows Server 2003



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.



MORE INFORMATION
For more information about the terms that are used to describe software updates, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Additional query words: minpwdage minpwdlength pwdhistorylength

Keywords: kbbug kbfix kbqfe kbpubtypekc kbexpertiseinter kbhotfixserver kbwinserv2003presp2fix kbwinserv2003sp2fix KB925240

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.