We are maintaining a 2008 Active Directory Environment with Windows 7 workstations. Much of user\workstation management is handled through Group Policy. We do not normally use local user accounts except in 2 or 3 instances. The password policy that is configured via Group Policy for domain users does not apply to the rare instances where we are using local user accounts to login to domain joined machines. We have confirmed through testing that the Local Security Policy on those machines is governing the password policy for local user accounts. However, we are unable to modify the Password policy through Local Security Policy (secpol.msc) on the local machine. If I disjoin one of the affected machines from the domain, I am then able to modify Password policies via secpol.msc. However, rejoining the machine results in the original issue reappearing. I am not able to find where the cause of this problem lies. I've reviewed our Group Policy settings and I cannot find what prevents us from editing local group policy on domain joined workstations. Any recommendations?
Thanks in Advance