A. This behavior, a known issue, occurs when you haven't defined a minimum password age for the users' Group Policy. To resolve this issue, configure a minimum password age of 0 instead of none.
- Start the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in (Start, Programs, Administrative Tools, Active Directory Users and Computers).
- Right-click the domain or organizational unit (OU) that contains the users (and has a Group Policy defined).
- Select Properties from the context menu.
- Select the Group Policy tab.
- Select the appropriate Group Policy (e.g., Default Domain Policy), and click Edit.
- Expand Computer Configuration, Windows Settings, Security Settings, Account Policies, Password Policy.
- Double-click "Minimum password age."
- Select "Define this policy setting," and set it to 0.
Click here to view image
- Click OK.
- Close the Group Policy windows and the Active Directory Users and Computers MMC snap-in.
- On the domain controller, run the following command to force the policy change to take effect:
C:\> secedit /refreshpolicy machine_policy /enforce