Skip to main content

AD LDS User Creation passwords not set

Symptom

When creating a new user with SecureAuth's User Creation functionality the password is not set.

Cause

  • By default, an AD LDS instance automatically enforces any local or domain password policies that exist on the Windows Server. If the password to be set does not meet the local or domain complexity rules it will be rejected.

  • By default, Active Directory Lightweight Directory Services (AD LDS) will not allow a new user account password to be set over an unencrypted connection.

Resolution

Password Complexity

Verify the password you are entering complies with the AD LDS servers complexity requirements. Further information about Windows Server Password Complexity can be found in this documentEnforcing Strong Password Usage Throughout Your Organization

Unencrypted Connections

In order to allow the changing and creating of passwords for AD LDS users over an unsecured connection consider the following solutions:

Note

For security purposes you should never grant anonymous access privileges to any portion of your AD LDS instance.