BlueCentral utilises a strict password policy on all mail accounts to protect the security of your mail account and to avoid security issues within our environment.
The following information describes the policy and how it applies to the selection of passwords you should choose when adding or changing your mailbox password:
- Passwords must not contain the user's entire samAccountName (Referred to as the Account Name in the Control Panel) value or entire displayName (Referred to as the Full Name in the Control Panel) value. Both checks are not case sensitive:
- The samAccountName is checked in its entirety only to determine whether it is part of the password. If the samAccountName is less than three characters long, this check is skipped.
- The displayName is parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the displayName is split and all parsed sections (tokens) are confirmed not to be included in the password. Tokens that are less than three characters in length are ignored, and substrings of the tokens are not checked. For example, the name "Erin M. Hagens" is split into three tokens: "Erin," "M," and "Hagens." Because the second token is only one character long, it is ignored. Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password.
- Passwords must contain characters from three of the following five categories:
- Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
- Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
- Base 10 digits (0 through 9)
- Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
- Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.
Known Issues:
If you key in a password that does not meet this criteria, the Control Panel will not present an error message that is easy to understand. Instead, you will receive what looks like a very technical error that does not really explain anything or how to fix it. If this message does appear, you need to revise your password in accordance with the policy provided in this article. Whilst this issue is a technical fault with the software that runs our Control Panel, the impact is actually cosmetic in that the software does not provide a very user friendly message to tell you what to do next.
Error creating mailbox. See audit log for more details. System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> System.Exception: Error executing 'CREATE_USER' task on '' ORGANIZATION ---> System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> Could not enable mail user 'MAILBOXNAME' at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at WebsitePanel.Providers.Exchange.ExchangeServer.CreateMailEnableUser(String upn, String organizationId, String organizationDistinguishedName, ExchangeAccountType accountType, String mailboxDatabase, String offlineAddressBook, String accountName, Boolean enablePOP, Boolean enableIMAP, Boolean enableOWA, Boolean enableMAPI, Boolean enableActiveSync, Int32 issueWarningKB, Int32 prohibitSendKB, Int32 prohibitSendReceiveKB, Int32 keepDeletedItemsDays) at WebsitePanel.EnterpriseServer.ExchangeServerController.CreateMailbox(Int32 itemId, Int32 accountId, ExchangeAccountType accountType, String accountName, String displayName, String name, String domain, String password, Boolean sendSetupInstructions, String setupInstructionMailAddress) --- End of inner exception stack trace --- at WebsitePanel.EnterpriseServer.ExchangeServerController.CreateMailbox(Int32 itemId, Int32 accountId, ExchangeAccountType accountType, String accountName, String displayName, String name, String domain, String password, Boolean sendSetupInstructions, String setupInstructionMailAddress) at WebsitePanel.EnterpriseServer.esExchangeServer.CreateMailbox(Int32 itemId, Int32 accountId, ExchangeAccountType accountType, String accountName, String displayName, String name, String domain, String password, Boolean sendSetupInstructions, String setupInstructionMailAddress) --- End of inner exception stack trace ---
BlueCentral is actively working with our third-party vendors who are responsible for this software to determine if the newer versions of the Control Panel software have this bug resolved. We are currently in the process of implementing the new software in our development labs and intend to test for this fix. In the event that the issue is resolved, BlueCentral will arrange for a scheduled maintenance window to update the software.
If you believe the information in this article is incorrect or you still need assistance to resolve issues of this nature, please don't hesitate to raise a ticket with the Support team and we will work through any issues or concerns you may have.