A. This behavior, a known issue, occurs when you haven't defined a minimum password age for the users' Group Policy. To resolve this issue, configure a minimum password age of 0 instead of none.

  1. Start the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in (Start, Programs, Administrative Tools, Active Directory Users and Computers).
  2. Right-click the domain or organizational unit (OU) that contains the users (and has a Group Policy defined).
  3. Select Properties from the context menu.
  4. Select the Group Policy tab.
  5. Select the appropriate Group Policy (e.g., Default Domain Policy), and click Edit.
  6. Expand Computer Configuration, Windows Settings, Security Settings, Account Policies, Password Policy.
  7. Double-click "Minimum password age."
  8. Select "Define this policy setting," and set it to 0.

    Click here to view image

  9. Click OK.
  10. Close the Group Policy windows and the Active Directory Users and Computers MMC snap-in.
  11. On the domain controller, run the following command to force the policy change to take effect:

    C:\> secedit /refreshpolicy machine_policy /enforce