How to change password policy on SBS 2008?

Hi,

Can anyone tell me how to change the SBS 2008 requirement for password changes (frequency, complexity and history of passwords)?
The the problem is that a small company with a 100% local trust needs a server but not the hassle that it imposes. Once in a while SBS 2008 complaints that passwords are now old and need changing. It would not allow the same password or another one used before. The main problem is that stupid Symantec backup screws up big time every time the "admin" has a password change. With a lengthy procedure to change service passwords otherwise backup is dead....

 
FMPCAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

FMPCAuthor Commented:
Thank you!
Now I have a follow up question... the options are not changeable, there is a padlock on. Why would this be? I have the full admin rights but connect via LogMeIn. Is that the reason?
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Shreedhar EtteCommented:
1. Go to Administrative tools > Group Policy Management.

2. In GPMC, expand out the domain and then go to Group Policy Objects

3. Right Click the Default Domain Policy and select Edit.

4. Go to Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy and modify the Setting: Password must meet complexity requirements

Hope this helps,
Shree

0
Brian PiercePhotographerCommented:
You need to make the chages via the group policy

On the server, open Group Policy Management
Under Computer Configiration, Open Windows Settings->Secutity Settings->Account Policies->Password Policies
and make the chnages there. You will nee to run GPUPDATE /force from the run box or command line after making the changes, and some changes may not apply until you log off/restart the computer.

BTW. Microsoft ALWAYS recommend that you DO NOT use the administrator password - or indeed the account used by any USER to run scheduled tasks and sevices for the very reasons you have discovered. What is recommended is that you create a new account (by copying administrator if necessary) and then you can individually set that account (using the account properties in AD users and Computers), so that the password for that account "Never Expires", its a simple tick box in the account properties)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
FMPCAuthor Commented:
Sorry Shreedhar, but I don't see how password complexity can fix the problem that I am not allowed (greyed out) to change those options...
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.