How to change Active Directory Password Security Policy

I just create a PDC using Windows 2008 Standard.  I have connected up my first sub-node to the domain, and tried to change the password.  Every combination I have tried says it isn't long enough or complex enough, my last 2 tries were @pP!ej@(k and @pP!e-2009-j@(k neither of which worked.

Any ideas how I can change the password policy to something a bit more user friendly?
LVL 1
SatTechSolutionsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bluntTonyHead of ICTCommented:
The account password policies for your domain typically reside in the Default Domain Policy.
Have a look in your Default Domain Policy...
Computer Configuration | Windows Settings | Security Settings | Account Policies | Password Policy
Change any settings here that are too strict for your purposes.
0
SatTechSolutionsAuthor Commented:
Don't see any of those, this is Windows 2008 Server
0
bluntTonyHead of ICTCommented:
Did you look in the GPMC for the 'Default Domain Policy' group policy object?
Granted, in 2008 there's been some changes. Password settings can be handled by Password Setting Objects (PSO) which are objects in AD rather than settings within a group policy object. This is to allow for multiple policies within the same domain which 2003 didn't allow. Have a look at ...http://technet.microsoft.com/en-us/magazine/cc137749.aspx ... and read the section referring to 2008.
However  - the default settings, before you create a PSO, should still be handled in the 'Default Domain Policy' group policy object. Are you saying that when you open this GPO with the GPMC, these policy settings do not exist? Have a read of this, regarding the default policy settings in 2008 : http://technet.microsoft.com/en-us/library/cc264456.aspx - this also explains the default password complexity criteria.
The following article explains how to create fine-grained password policies, if this is of interest to you : http://www.windowsecurity.com/articles/Configuring-Granular-Password-Settings-Windows-Server-2008-Part-1.html
Like i say though, you should be able to modify the 'out-of-the-box' policy with group policy as in 2003.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.