The standard windows password rules in the security manager do apply. I believe you have to use an existing account, and that users assigned password. If the security manager was configured after the user account was setup, and the password does not expire, then they may have weaker password rules than the currently existing ones which could create a conflict.
In server 2008R2 %windir%\system32\secpol.msc /s should bring up the local security policy
Not sure if its the same in other OS versions.
