Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3637
  • Last Modified:

Cannot disable password complexity requirements in Windows Server 2003

I've successfully installed Windows Server 2003 as a Domain Controller, App Server, and DNS server (single machine).  When I tried to create the first user account (me), the password I was using was not complex enough.  I went in to the Default Domain Policy and edited the Computer Configuration Security Settings.  I set all of the password information to "Not Defined" or "Disabled" and saw no change in the ability to use a less that secure password.  I also set minimal requirements on the password restrictions and that didn't work.  The only way I was able to enter a simple password was to disable the Computer Configuration piece of the Policy.  Am I missing something here?  Is there a registry setting overriding the policy?  Was it an update patch I've installed...or not installed?

Thanks.

ST3
0
slaroche
Asked:
slaroche
1 Solution
 
sirbountyCommented:
Is this related? http://support.microsoft.com/?kbid=821425

What's the exact error message you're seeing?
0
 
Droby10Commented:
a few comments.  first, did you reboot between policy changes?  password filters are initialized and loaded into lsa process space at boot and locked until shutdown; as is the use of it/them for password validation.

you might also look at your [HKLM\System\CurrentControlSet\Control\Lsa@Security Packages] value.  passflt should not be present, after you disable complexity, but odder things have happened.  if it is there, then remove it (be aware it's a multi_sz value).  reboot.  and then give it another go.

0
 
slarocheAuthor Commented:
I went in and set all of the password policy settings to "Not Defined" and rebooted the machine.  I still get the message:  Windows cannot complete the password change for "user" because: The password does not meet the password policy requirements.  Check the minimum password length, password complexity and password history requirements.

I also verified that the only value in the registry key you identified is the following:

kerberos
msv1_0
schannel
wdigest

So, I don't know.  I've made the changes in Administrative Tools>Default Domain Security Settings>Account Policies>Password Policy...everything in there shows Not Defined.

Any other ideas?
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
Droby10Commented:
sorry wrong key, it should be under notification packages rather than security packages.

verify with the following list.

RASSFM
KDCSVC
WDIGEST
scecli
0
 
slarocheAuthor Commented:
I have those and only those values in the Notification Packages.  Could there be a patch that I applied or did not apply.  I've done all of the critical updates.  
0
 
What90Commented:
Here's a link to someone with the same problem and how they fixed it:
http://www.experts-exchange.com/Operating_Systems/Q_20930511.html
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now