Information: Forum is in read-only mode
For details and other support options see https://www.adiscon.com/news/support-forum-set-to-read-only-mode/

Server 2003/error code 2245/event id 627

Support, Questions and Discussions on PasswordManager

Moderator: alorbach

Google Ads


Server 2003/error code 2245/event id 627

Postby dteck » Mon Sep 10, 2007 10:09 pm

Has anyone encountered an issue where you receive the following message and cannot resolve it? I have triple checked all of my local and group policies and I am operating within those boundaries.

Error: new password is to short. Use a longer one.

After the refresh comes the Operation Status message:
The result of the change password operation was as follows:

There was an unknown system error (code 2245)

I think I have it narrowed it down to it being a permissions issue. I believe that it is because an account with less than user's permission level is trying to change the password. It must have to do with IIS6 because the Password Manager works just fine on W2K Server.

I know that the operation status message just publishes what is returned by the operating system but there has to be more information available. The event log helped me narrow it down some.

Any ideas? I know that a lot of people read these threads as there are several thousand for every posting.
dteck
New
 
Posts: 4
Joined: Mon Sep 10, 2007 9:48 pm

Postby alorbach » Tue Sep 11, 2007 10:31 am

What I found about this error code 2245:

2245 The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.


So I guess your password must be at least 8 chars long, contain numbers, lower and higher case characters.
alorbach
Site Admin
 
Posts: 1627
Joined: Thu Feb 13, 2003 11:55 am

Postby dteck » Tue Sep 11, 2007 2:51 pm

I know that the password meets MS strong password standards and complies with the group policies as I can use CTRL-ALT-DEL and change my password to exactly the same password that I receive an error for with Password Manager. I even copied and pasted the p/w just to make sure.

I used a 16 character password with upper, lower, numeric, and symbols and still had the same results. I used a strong password generator to ensure that the history requirements are met.

I'm sure that the error it is a generic return message from the operating system but I cannot find any more info to determine the exact cause. I was wondering if anyone else had been plagued by this issue and what they did to fix it.
dteck
New
 
Posts: 4
Joined: Mon Sep 10, 2007 9:48 pm

Postby alorbach » Tue Sep 11, 2007 2:55 pm

Hrm you can check the security log on your DC right after you tried changing a password. You will might see some useful event if security auditing for account management is enabled.
alorbach
Site Admin
 
Posts: 1627
Joined: Thu Feb 13, 2003 11:55 am

Postby dteck » Tue Sep 11, 2007 3:18 pm

That is where I got event id 627 from. All the variables appear to be correct, according to the security log. If I compare them to a manually initiated password change (which is successful) I get the exact same info.

Change Password Attempt:
Target Account Name: user
Target Domain: DOMAIN
Target Account ID: DOMAIN\user
Caller User Name: user
Caller Domain: DOMAIN
Caller Logon ID: blah blah hex code
Privileges: -

I need to find some advanced logging to find the specific problem.
dteck
New
 
Posts: 4
Joined: Mon Sep 10, 2007 9:48 pm

SUCCESS!

Postby dteck » Tue Sep 11, 2007 3:32 pm

It was 100% stupidity on my part.

I was looking so hard for the problem that it was right in front of me.

The minimum password age policy was set to 1 day. As soon as I set it to 0 days the Password Manager worked perfectly.

Unfortunately, I had to look into LDAP issues and vb scripting before I discovered my error.

Thanks for your help and I hope to be able to sell this to some customers.
dteck
New
 
Posts: 4
Joined: Mon Sep 10, 2007 9:48 pm

Postby alorbach » Tue Sep 11, 2007 3:36 pm

Great you solved the problem.

best regards,
Andre
alorbach
Site Admin
 
Posts: 1627
Joined: Thu Feb 13, 2003 11:55 am

Google Ads



Return to PasswordManager

Who is online

Users browsing this forum: No registered users and 0 guests

cron