Can not change complex password setting in server 2016

I am trying todiable the complex password in server 2016.when I navigate to Local Grup Policy Editor - Computer Configuration - Windows Setting - Security Setting - Account Policy - Password Policy  The Password must meet complexity requirerments is enabled and grayed out soI am not able to change it?
nesteyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
Use rsop.msc to verify which domain policy has set that.
0
Hello ThereSystem AdministratorCommented:
Are these settings set in a GPO that applies to this computer? Group Policy takes precedence over local policy.  In this case, the corresponding local group policy option will be grayed out. This is expected behavior.
0
nesteyAuthor Commented:
Sorry, I do not usually use policies so not too sure where to go. This is a new domain and I just setup this DC so must be default setting?
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Hello ThereSystem AdministratorCommented:
Run gpresult -r on your server. What is the result?

Also make sure that you have priviledges to do anything on server. What account do you use? Which groups is this account member of?

Check this article. This one too.
0
nesteyAuthor Commented:
I am login as the domain admin on the DC below is the results of the gpresult -r

Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.

C:\Users\Administrator>gpresult -r

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
© 2016 Microsoft Corporation. All rights reserved.

Created on 12/29/2017 at 3:33:14 PM


RSOP data for OSAIUSA\Administrator on SERVER1 : Logging Mode
--------------------------------------------------------------

OS Configuration:            Primary Domain Controller
OS Version:                  10.0.14393
Site Name:                   Default-First-Site-Name
Roaming Profile:             N/A
Local Profile:               C:\Users\Administrator
Connected over a slow link?: No


COMPUTER SETTINGS
------------------
    CN=SERVER1,OU=Domain Controllers,DC=osaiusa,DC=lan
    Last time Group Policy was applied: 12/29/2017 at 3:28:25 PM
    Group Policy was applied from:      Server1.osaiusa.lan
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        OSAIUSA
    Domain Type:                        Windows 2008 or later

    Applied Group Policy Objects
    -----------------------------
        Default Domain Controllers Policy
        Default Domain Policy
        Local Group Policy

    The computer is a part of the following security groups
    -------------------------------------------------------
        System Mandatory Level
        Everyone
        BUILTIN\Users
        NT AUTHORITY\SERVICE
        CONSOLE LOGON
        NT AUTHORITY\Authenticated Users
        This Organization
        BITS
        CertPropSvc
        DcpSvc
        dmwappushservice
        DsmSvc
        Eaphost
        IKEEXT
        iphlpsvc
        lfsvc
        MSiSCSI
        NcaSvc
        NetSetupSvc
        RasAuto
        RasMan
        RemoteAccess
        Schedule
        SCPolicySvc
        SENS
        SessionEnv
        SharedAccess
        ShellHWDetection
        UsoSvc
        wercplsupport
        Winmgmt
        wisvc
        wlidsvc
        WpnService
        wuauserv
        LOCAL
        BUILTIN\Administrators


USER SETTINGS
--------------
    CN=Administrator,CN=Users,DC=osaiusa,DC=lan
    Last time Group Policy was applied: 12/29/2017 at 2:55:14 PM
    Group Policy was applied from:      Server1.osaiusa.lan
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        OSAIUSA
    Domain Type:                        Windows 2008 or later

    Applied Group Policy Objects
    -----------------------------
        N/A

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Local Group Policy
            Filtering:  Not Applied (Empty)

    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Everyone
        BUILTIN\Administrators
        BUILTIN\Users
        BUILTIN\Pre-Windows 2000 Compatible Access
        NT AUTHORITY\INTERACTIVE
        CONSOLE LOGON
        NT AUTHORITY\Authenticated Users
        This Organization
        LOCAL
        Domain Admins
        Group Policy Creator Owners
        Enterprise Admins
        Schema Admins
        Authentication authority asserted identity
        Denied RODC Password Replication Group
        High Mandatory Level

C:\Users\Administrator>
0
8046586Commented:
Go to Administrative Tools=>Group Policy Management and check the policy there. You should have default domain policy. Just edit the policy and change the Password must meet complexity requirements to disable.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nesteyAuthor Commented:
I was able to change the complexity to disable.
While I was there I also set the password length to not defined  Default was 7 , now when I try set use a password that is less than 7 characters it gives me a error to check the length?
0
8046586Commented:
Restart computers twice and try to change the password again. The updated policy should apply on the desktops to start working.
You can open CMD and type: gpupdate /force
Then log off, log back on. If it is not working restart twice.
0
nesteyAuthor Commented:
Hi LVL4

I tried gpupdate /force still looking for 7 characters  rebooted pc 2x still the same unable to restart DC at the moment will try that after
0
8046586Commented:
You should leave the default password length in the GP to 7 characters enabled. If you are not using the GP than god helps you, you have to manage every desktop individually.
0
nesteyAuthor Commented:
All set thanks LVL4
0
8046586Commented:
Don't forget to close this call
0
nesteyAuthor Commented:
Thanks Nick
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.