Disclaimer: Please contact Sophos Professional Services if you require assistance with your specific environment.
Issue
The password cannot be changed, although it meets the complexity required in the Active Directory. The wizard stops and mentions that the password does not meet the rules defined in the AD. No password settings have been defined in the SafeGuard Enterprise.
Applies to the following Sophos products and versions:
- SafeGuard BitLocker Client
- SafeGuard Data Exchange
- SafeGuard Device Encryption
- SafeGuard File Encryption
- SafeGuard Synchronized Encryption
Cause
- The password setting in Active Directory is either set to 1 or Not defined.
Check the value of the Minimum password age setting
This issue might be related to the fact that the Minimum password age (Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policy) in the Active Directory Default Domain Policy (GPO) is either set to 1 or Not defined.
If this limit is set, the message will state that the password complexity rules have been violated whenever the user tries to change the password. This is because the minimum password age has not yet exceeded the limit in the Active Directory.
For additional reference, see the Microsoft document about the Minimum password age.
Sign up to the Sophos Support Notification Service to get the latest product release information and critical issues.
Previous Article ID: 108693
Added the disclaimer
[edited by: NOAH at 6:02 AM (GMT -7) on 26 Apr 2021]