The normal gotcha for this that I've seen is age - is there a GPO setting that specifies a minimum age of a password? If it's set, it will stop successive password changes within a certain time period. If you are administratively changing it (vs the user changing it), or if the user object is flagged as "Change password on next login" in AD, the minimum age requirement will be ignored, which may lead to any inconsistency you're observing.
Self Service Password Reset (SSPR) not changing password to to On Prem password policy
I am new to SSPR. I use Azure AD Connect to synchronize users from On-Prem AD to Azure. That has been working for years. I am setting SSPR up for our school and have gotten to the point where I am testing my first user. During SSPR setup, I require registration and two forms of verification to make the change. SSPR takes me through both verification stages and allows me to get to the screen where I am typing in and verifying my new password and when I hit "OK", it says:
"This password does not meet the length, complexity, age, or history requirements of your corporate password policy."
It is my understanding that On-Prem AD policies override Azure password policies. I have changed the account password in On-Prem AD to the same password that I have been trying to change it to in SSPR and it takes it just fine. I am going through online troubleshooting ideas, but I don't know why SSPR is saying that it doesn't meet the policy requirements.
Thanks in advance for your help.
2 answers
Sort by: Most helpful
-
Danny Zollner 9,531 Reputation points Microsoft Employee
2022-02-09T20:26:34.747+00:00 -
Pedro Erick Mejia Hernandez 6 Reputation points
2022-10-05T03:06:42.903+00:00 Hello
Have you had any progress with this problem? I'm in the same situation.