we configured PM over WS2012R2.
We can start the PMAdmin and we can start the PMUser.
The users can do the registration with their AD password, set their secret questions etc.
At the moment of running the Forget Password, we face an error saying that we are in violation of the Windows Security policy.
I can confirm you that the fine grained security policy in AD contains no requirements and nor the Windows Policy or the One Identity policies present in Password Manager have been configured (we also tried to configure them only with password 8-16).
Now, in the moment that the user is trying to change the password we receive this message about the password violation, but we detect through AD that the password was actually changed, but not using the password we provided.
In this event we are in the situation where both old and new password are not working, and we have no idea which password is in use.
Also trying with brand new accounts and putting a quite good password with more than 10 chars, upper lowers and digits, we still get that the password is in violation.
Moreover, if we try to change one more time the password, we are in breach with the minimum time password of one day, although is not set.
Have you any idea?