Help! My Password failed to sync with Active Directory
In certain cases, when changing or resetting your password you may encounter
an error similar to:
setUserPwd: Active Directory rejected password - sync failed
typically, this happens after a very long pause before the page refreshes.
This is most likely caused by some additional password requirements for
Active Directory passwords:
- ADS passwords may not contain a user's account name
(eg: P@ssword4abc123 is an invalid ADS password for user
abc123 even though it passes all standard "goodness" checks
because it contains the account name "abc123".
- ADS passwords may not contain the first or last name of the user (capitalization does not matter)
(eg: john5#@32fl00r is an invalid ADS password
for user John Smith even though it passes all standard "goodness"
checks because it contains John's first name).
If this occurs, there are two possible solutions:
- Change your password to conform to the additional ADS rules for
password "goodness".
- Uncheck the box labeled "Sync my Active Directory password". Note:
Some ADS services may be unavailable to users whose ADS password is not
synced with their "normal" password (most notably when using a laptop that
is attempting to use ADS services over wireless).
NOTE: In the event your ADS password fails to sync, your password
will NOT be changed anywhere. Your "normal" password will retain its
original value (and expiration date).