The information below is intended for administrators who are responsible for troubleshooting Specops Password Policy. Before you perform the tasks in this guide, please ensure you have correctly installed Specops Password Policy.
The custom message is not displayed when failing to meet the password rules
The MS filter is blocking the password
After you’ve ensured that the new password meets at least the default domain policy, confirm whether a fine-grained password policy (FGPP) is in place. FGPPs can be found in the Password Settings Container. Delete any FGPP to ensure that the domain policy is applied, and verify that the custom message appears as expected.
The Sentinel appears as “not installed” on the DC even though it has been installed.
If the account you are logged in with doesn’t have access to the admin$ share on the DC then you will get the “not Installed” message.
You need to be logged in with a Domain Admin level account to connect to this share. The Admin Tool checks for the existence of the file.
To ensure that the file is running, use Process Explorer (SysInternals/Microsoft tool https://technet.microsoft.com/en-gb/sysinternals/bb896653.aspx). The file will appear under LSASS.EXE in one of the threads.
Specops Password Policy and Specops Password Reset leverage the same Client. In this case, the Client is looking for SPR.ini in the Specops Password Reset product.
If you are not using Specops Password Reset, this message can be safely ignored.
User does not receive the Specops message when they enter a password that does not meet complexity requirement
- The password does not meet Microsoft’s default password complexity requirements.
- The Specops Client is not installed.
- Ensure that the password has met Microsoft’s password complexity requirements.
- Ensure that the Specops Client is installed.
- Version mismatch between Administration Tool and license key.
- Contact Specops Support for correct license file version.
There may a problem with the dictionary file.
- In the Group Policy Editor, expand User Configuration, Windows Settings, and select Specops Password policy.
- Click Configure Password Policy.
- Select the Password Rules tab.
- Disable the Disallow words from dictionary checkbox.
The person running the tool is unable to connect to the admin share on the DC’s.
Ensure that the user running the Domain Administration Tool has the appropriate rights to monitor the status.