I am using Windows Server 2003 Enterprise Edition. I created one domain, xyz.com, and then configured Group Policy for a domain and domain controller that requires a complex password of at least seven characters. After that, I created one OU (organizational unit) in my xyz.com domain called ACC. For the ACC OU, I don't need a complex password, so in Group Policy, I disabled complex password and set the minimum character length to zero and set block policy inheritance. When I created a user in the ACC OU, it still required a complex password. I don't understand what's going wrong.
This Group Policy complex password problem is due to the fact that in Group Policy, in Windows networks, password security policies are
only assigned at the domain level. You can expand the policy at the OU and go through all of the motions, but Active Directory will not actually apply the changes. In fact, having differing password policies is one of the few reasons for creating additional domains.
This Content Component encountered an error
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.