SOLVED: Event ID: 16979 – The domain is incorrectly configured with a MinimumPasswordLength setting that is greater than 14

This is a very tricky error to understand:

Windows Event ID: 16979
Message: The domain is incorrectly configured with a MinimumPasswordLength setting that is greater than 14.

NOTE: until this is corrected, the domain will enforce a smaller MinimumPasswordLength setting of 14.

Currently configured MinimumPasswordLength value: 15

For more information see https://go.microsoft.com/fwlink/?LinkId=2097191 .

Previous to Windows 10 2004 it was not readily possible to set a minimum password length requirement in GPO to more than 14 characters.  Today however, Microsoft wants everyone to  scrap passwords altogether by using other methods of authentication or by requiring “passphrases”.

A passphrase is a longer string of text than a typical long password and passphrases can often exceed the previous maximum “minimum password length”, which is a very good thing.

Here is the catch, if you are using the GPO templates for Windows newer than 2004 (i.e. April of 2020) you can now set a GPO that requires more than 14 characters BUT Microsoft did not release a patch for older OS’ like Windows Server 2012R2 that support minimum password lengths of more than 14 characters.  Hence the error you are seeing.

Put simply, you can now set a GPO that requires passwords to be greater than 14 characters in length, but old Operating Systems like Server 2012 R2, can not enforce that requirement.