Description of Issue
There are some reasons why password rotation may fail. This document will outline the most common issues with password rotation and how you can solve them.
1. IT Glue: API Key Password Access checkbox is not enabled.
2. Active Directory: User cannot change password option is enabled.
3. Third-party password filter installed: If you have another tool installed in Active Directory that is used to detect when password changes occur or when passwords expire other than Microsoft AD Connect.
4. Quickpass Windows Service: You have switched from the Local System account to another account that does not have permission to write to Active Directory.
5. Quickpass Windows Service: The windows service is not running.
6. AD Password Policy: The minimum number of characters for the AD default domain password policy has been changed and it is now greater than the number of characters set for the Quickpass customer in Auto Rotate Settings.
7. Office 365: The Quickpass application has not been added to the Global Administrators group for the Office 365 tenant in Azure Active Directory.
1. IT Glue: Make sure the API Key Password Access checkbox is enabled.
2. Active Directory: Un-check the User cannot change password option
3. Third-party password filter installed: Uninstall the third party password filter application. Microsoft AD Connect is supported. If unsure please email support at firstname.lastname@example.org and send a screen shot of the registry entry below.
4. Quickpass Windows Service: Ensure the Local System Account is set for Log on as.
5. Quickpass Windows Service: Ensure the windows service is running. If you try to start the service and it fails to start or crashes please open a support ticket at email@example.com.
6. AD Password Policy: If you happen to change the default domain AD password policy password length check the Auto Rotate Settings for that customer and ensure the password length is at least the same number of characters or greater.
7. Office 365: Add the Quickpass application to the Global Administrators group in Azure Active Directory for the Office 365 tenant.
In the azure portal go to Azure Active Directory, Click on Roles and administrators. Type in Global Administrator in the Search box. Click on Global Administrator under Role.
In the Global Administrator - Assignments window click Add Assignments button.