We have deployed ADSelfservice Plus and are using it successfully. However we just discovered what could be a major issue. It appears the product allows users to re-use passwords, because it doesn't look at the AD password history.

I found and checked the box on the Policy Configuration screen, under Reset & Unlock, that says "Enforce Active Directory Password history settings during password reset", but it doesn't seem to work. In testing I can reset a password, then run again to reset to a new one, then when I run again, I can use the first password.

Is there a setting I am missing that would make this work? I am running build number 5300.

Thank you.