Disable password complexity rule in Active Directory

Solution 1:

You're looking to change the password complexity setting you found in the "Default Domain Policy", not the local group policy. Then do a "gpupdate" and you'll see the change take effect.

Open Group Policy Management Console (Start / Run / GPMC.MSC), open the Domain, and right-click and Edit the "Default Domain Policy". Then dig into the "Computer Configuration", "Windows Settings", "Security Settings", "Account Policies", and modify the password complexity requirements setting.

Editing the "Default Domain Policy" is definitely a quick-and-dirty thing to do. The better thing to do, once you get a better handle on group policy management, would be to return the default back to default settings and make a new GPO overriding the default with the settings you want. To get you by fast, though, editing the default isn't going to hurt you.

Solution 2:

I'd also like to point out that in a Windows Server 2008 domain, you can have multiple password policies applied to different OUs; with previous versions of AD, you could only have a single global password policy for each domain.


Solution 3:

There's also a great article at the Technet site:

http://technet.microsoft.com/en-us/magazine/cc137749.aspx

That helps explain the differences between the new Windows 2008 password policy options and the "old" Windows 2003/2000 domain password policies.

It's good reading to make sure you understand what you can do now, especially since you stated that you are using Windows 2008.


Solution 4:

Open Local Security Policy by clicking the Start button Picture of the Start button, typing secpol.msc into the search box, and then clicking secpol.‌

In the left pane, double-click Account Policies, and then click Password Policy.

Double-click the item in the Policy list that you want to change, change the setting, and then click OK.