Active Directory Membership Provider Rejecting Password Reset

0
votes

I'm using ActiveDirectoryMembershipProvider in an ASP.Net Application that allows users to manage their AD accounts (Create, Change Password, etc..). The problem is, When I try to reset the password using UserPrincipal.ChangePassword() method, it throws the following exception although there are no password policies specified on AD level:

{"The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements. (Exception from HRESULT: 0x800708C5)"}

I then added the enablePasswordReset="true" and requiresQuestionAndAnswer="false" to the membership configuration in the web.config and now I get this exception once the user tries to login to AD

The Active Directory membership provider does not support password reset without password question and answer.

I though that requiresQuestionAndAnswer="false" should fix this problem!

What could be the problem?

1
asp.netactive-directoryweb-configmembership-provider
Did you actually manually verify that the password meets the necessary complexity? - Michael-O
Yes, I verified that. It's not related to complexity - AbuShokry
I would go low-level and use wireshark. - Michael-O
Michael-O: Yes, it didn't meet the policy. Not the complexity though. Explained in the answer below - AbuShokry

1 Answers

1
votes

It appeared that the password policy was set to disallow changing password more than once in the same day. That's why it was rejecting password change. After disabling that rule. It worked fine