Hello,
My predecessor at our organization setup a password policy and then took another job. Good times!
Anyway, I am the interim IT admin until the new guy gets here and I don't fully understand the ins and outs of AD. However, the password policy setup looks fairly straight forward. But, we are having a problem and I am hoping you all can help
We are using Server 2003 for this.
The Maximum Password age is 360 so, it should be about a year before we have to reset our passwords but, we are getting notices to change our passwords much earlier than that. Also, our Enforce Password History is set to 1 Password Remembered.
Some people that I have spoken with think that maybe the users that are getting the early password change notification, have "changed" their password to their current password, (not changing it at all but, just entering their current password as the new password) and the Enforce Password History constraint doesn't like it, therefore making these users reset their passwords after a what seems like a month or two. Could this be the case?
If I changed the Enforce Password History to 0, would that elevate the problem? Forget about how it's not secure. I'm just trying to understand it.