Solved

Password Complexity Windows 2008 Server

Posted on 2008-10-10
5
1,562 Views
Last Modified: 2012-05-05
Hi There!

I have a 2008 Domain Controller Freshly Promo'd in a LAB Environment. Single DC, Single server.

I am trying to change the password complexity and I found countless documents explaining the process.

http://technet.microsoft.com/en-us/library/cc264456.aspx   as an example.

I used this policy and disabled the complexity and length requirements and did a gpupdate /force but new users created in the ADUC Applet, still gave an error. After MUCH mucking around I found changing the settings in gpedit.msc fixed my issue.. How can that possibly be?

What am I doing wrong?
0
Comment
Question by:networkn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 13

Expert Comment

by:ScooterAnderson
ID: 22687867
GPEdit.msc is just the Group Policy Editor...

The Password Complexity Requirements are in the Default Domain Policy -
ComputerConfig:Policies:WindowsSettings:SecuritySettings:AccountPolicy:PasswordPolicy

After changing settings there, you'll have to go to a DOS prompt and issue:  gpupdate /force  and let your server pick up the changes to the Domain Policy, or reboot it.
0
 
LVL 13

Expert Comment

by:ScooterAnderson
ID: 22687896
Also, if it's still available on your system (although shouldn't be on a DC), see if Local Security Policy is still available on your system & check policy there.

Another option is to run RSOP.msc on your server, which will parse through GP's to be applied to your system and give the Resultant Set of Policies that is applied to your server/user session.  It will also identify what GP is applying any configured policies so you know where to change policies, if need be.
0
 

Author Comment

by:networkn
ID: 22690914
http://i301.photobucket.com/albums/nn62/networkn/gpo1.jpg

this is where I changed the policy and did a gpupdate /force, however this didn't work, and the only way I could get the password complexity to work was to run gpedit.msc and change it there and run gpupdate /force
0
 

Accepted Solution

by:
networkn earned 0 total points
ID: 22863077
Problem was solved by reinstalling Active Directory.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question