Quick note: Ever built a small test environment and wanted to disable the annoying password complexity requirements/age in server 2008R2? Here is how:
When setting up a new Windows Server 2008 server either with or without Active Directory you will discover that it has a rather strong policy for passwords. If you are setting this up at home or in a small business environment and don't want to deal with the complex passwords that are required to meet the policy guidelines, you can edit the policy to disable the complexity requirements. You can try going to a command prompt and typing 'gpedit.msc' then navigating to Computer Settings\Windows Settings\Security Settings\Account Policies\Password Policy\ section.
Here you will see the 'Password must meet complexity requirements' item. When viewing the properties of it, usually the Enabled/Disabled radio buttons will be grayed out and you cannot change the values. If they are able to be changed, go ahead and do it, and save out of the dialog boxes. If it is grayed out and you cannot change it here, this is how you do it:
- Go to a command prompt
- Type 'secedit /export /cfg c:\local.cfg' and hit enter
- Using notepad, edit c:\local.cfg
- Look for the line "PasswordComplexity = 1" and change it to "PasswordComplexity = 0"
- You can also edit "MinimumPasswordLength = 7" to a lesser value if you like.
- Save the file
- At a command prompt type 'secedit /configure /db %windir%\security\local.sdb /cfg c:\local.cfg /areas SECURITYPOLICY
- This will apply the new settings and refreshing the gpedit.msc should reflect the new settings
- Set your new less complex password!
No comments:
Post a Comment