I use Windows Server 2003 with Active Directory. I have strict password policies set, and lately my users have been getting warnings that their passwords are expiring in X amount of days. I know the defualt is set to start prompting at 14. The problem is that when my users opt to change their password early, it won't let them. They get the message saying that complexity requirements are not met. It won't let them change their passwords until around 1 or 2 days before it is set to expire, or until it actually does expire. I have tested this problem myself, so I am sure that people are typing in proper passwords. I have set group policy to warn about password expiration 2 days prior, which should solve the problem. But I would still like to know why it wasn't letting my users change their passwords earlier than that. Can anyone shed some light?