Disable password complexity rule in Active Directory
Solution 1
You're looking to change the password complexity setting you found in the "Default Domain Policy", not the local group policy. Then do a "gpupdate" and you'll see the change take effect.
Open Group Policy Management Console (Start / Run / GPMC.MSC), open the Domain, and right-click and Edit the "Default Domain Policy". Then dig into the "Computer Configuration", "Windows Settings", "Security Settings", "Account Policies", and modify the password complexity requirements setting.
Editing the "Default Domain Policy" is definitely a quick-and-dirty thing to do. The better thing to do, once you get a better handle on group policy management, would be to return the default back to default settings and make a new GPO overriding the default with the settings you want. To get you by fast, though, editing the default isn't going to hurt you.
Solution 2
I'd also like to point out that in a Windows Server 2008 domain, you can have multiple password policies applied to different OUs; with previous versions of AD, you could only have a single global password policy for each domain.
Solution 3
There's also a great article at the Technet site:
http://technet.microsoft.com/en-us/magazine/cc137749.aspx
That helps explain the differences between the new Windows 2008 password policy options and the "old" Windows 2003/2000 domain password policies.
It's good reading to make sure you understand what you can do now, especially since you stated that you are using Windows 2008.
Solution 4
Open Local Security Policy by clicking the Start button Picture of the Start button, typing secpol.msc
into the search box, and then clicking secpol.
In the left pane, double-click Account Policies, and then click Password Policy.
Double-click the item in the Policy list that you want to change, change the setting, and then click OK.
Solution 5
You should find it in
Computer Configuration > Windows Settings > Accounts Policies > Password Policy
There is an option labeled "Password must meet complexity requirements"
disable this to achieve what you want.
Related videos on Youtube
Daniel Revell
Updated on September 17, 2022Comments
-
Daniel Revell over 1 year
Where do I go to disable the password complexity policy for the domain?
I've logged onto the domain controller (Windows Server 2008) and found the option in local policies which is of course locked from any changes. However I can't find the same sort of policies in the group policy manager. Which nodes do I have to expand out to find it?
-
Spence almost 15 yearsYou're not telling him where to go to find this-- only what to change. He found this in the local group policy already, but that's not where he needs to be changing it.
-
LukeR almost 15 yearsFair enough. I guess I assumed they would be looking in the Group Policy since, that's they said they were looking there. Nice answer though. Upvoted.
-
ZachPruckowski almost 13 yearsFor Server 2008 R2 - On the Default Domain Policy, go on
Computer Configuration
thenPolicies
,Security Settings
,Account Policy
then double click onPassword must meet password complexity requirement
and disable it. -
Drew Shafer over 9 yearsTried to upvote this answer, and found out that I already upvoted it a year ago. Maybe this time I'll learn...
-
FLICKER almost 3 yearsThis does not work for Windows 2019 Server. I had to Uncheck the "Define this policy setting"
-
kuma about 2 yearstried this and apparently this didn't work as I was still unable to change the password despite complexity requirement was disabled. The culprit was
Minimum password age
set to 1 day (I was trying to revert back to a password changed few hours ago and I thought this was prevented byEnforce password history
). SetMinimum password age
to 0 day solved it.