Q

Password security in Group Policy for Windows networks

Managing password security in Group Policy is not always as easy as you'd like. Learn how to reduce errors caused by complex passwords in Windows networks here.

I am using Windows Server 2003 Enterprise Edition. I created one domain, xyz.com, and then configured Group Policy for a domain and domain controller that requires a complex password of at least seven characters. After that, I created one OU (organizational unit) in my xyz.com domain called ACC. For the ACC OU, I don't need a complex password, so in Group Policy, I disabled complex password and set the minimum character length to zero and set block policy inheritance. When I created a user in the ACC OU, it still required a complex password. I don't understand what's going wrong.
This Group Policy complex password problem is due to the fact that in Group Policy, in Windows networks, password security policies are only assigned at the domain level. You can expand the policy at the OU and go through all of the motions, but Active Directory will not actually apply the changes. In fact, having differing password policies is one of the few reasons for creating additional domains.
This was first published in September 2007

Dig deeper on User passwords and network permissions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close