Default domain password policy different than local security policy
Posted on 2016-08-11
We are trying to implement a new password policy on our domain. If I go into the default domain policy, it will show that there is nothing defined except for a 4 character password minimum. If I run secpol.msc, it shows a different set of password requirements. It shows a 42 day password expiration, a 1 day password minimum age, and 24 passwords remembered on enforce password history. RSOP on workstations also shows that the only password policy defined is the 4 character minimum.
We have a 2003 domain controller and 3 2012 domain controllers. Domain functional level is Windows Server 2003.
EDIT: I have also looked through every group policy that we have and the only one with anything defined for a password policy is the default domain policy.