Password Logon Length for Windows Server 2008 Standard
- I have a Windows Server 2008 standard edition that was upgraded from a W2K Server. Wnen I go to Local Computer Policy to set the minimum password length it is greyed out. Does anyone know how to activate this window for password length and complexity? Both of these are greyed out and I need to set a minium password length for all users.
Thank you
Ed
Answers
- Ed - is the computer a member of the domain? If so, domain-based policies take precedence - which is the reason the Password Policy settings are grayed out in Local Group Policy Editor.
If you want to configure those differently, you could place the computer account in a separate OU, create a GPO linked to that OU with desired password settings, and ensure that that GPO takes precedence over the one linked to the domain...
Note that this applies to LOCAL accounts only - not the domain-based ones...
hth
Marcin- Proposed As Answer byMeinolf Weber [MVP-DS]MVPSaturday, November 07, 2009 8:11 PM
- Marked As Answer byBruce-LiuModeratorMonday, November 09, 2009 8:02 AM
Hi,
If the Windows Server 2008 is a standalone computer, and the user you are using has the local administrators rights, you can access the Password Policy and do some change.
Meanwhile, if the Windows Server 2008 is in a domain environment, the corresponding local group policy option will be grayed out even you have administrator right. This is expected behavior.
If you would like to set a minimum password length for all domain users, please use Group Policy Management Console to edit the Default Domain Policy GPO. For more information, please refer to the following article:
Group Policy Management Console
http://technet.microsoft.com/en-us/library/cc753298(WS.10).aspx
Regards,
Bruce
- Proposed As Answer byMeinolf Weber [MVP-DS]MVPSaturday, November 07, 2009 8:11 PM
- Marked As Answer byBruce-LiuModeratorMonday, November 09, 2009 8:02 AM
All Replies
- Ed - is the computer a member of the domain? If so, domain-based policies take precedence - which is the reason the Password Policy settings are grayed out in Local Group Policy Editor.
If you want to configure those differently, you could place the computer account in a separate OU, create a GPO linked to that OU with desired password settings, and ensure that that GPO takes precedence over the one linked to the domain...
Note that this applies to LOCAL accounts only - not the domain-based ones...
hth
Marcin- Proposed As Answer byMeinolf Weber [MVP-DS]MVPSaturday, November 07, 2009 8:11 PM
- Marked As Answer byBruce-LiuModeratorMonday, November 09, 2009 8:02 AM
Hi,
If the Windows Server 2008 is a standalone computer, and the user you are using has the local administrators rights, you can access the Password Policy and do some change.
Meanwhile, if the Windows Server 2008 is in a domain environment, the corresponding local group policy option will be grayed out even you have administrator right. This is expected behavior.
If you would like to set a minimum password length for all domain users, please use Group Policy Management Console to edit the Default Domain Policy GPO. For more information, please refer to the following article:
Group Policy Management Console
http://technet.microsoft.com/en-us/library/cc753298(WS.10).aspx
Regards,
Bruce
- Proposed As Answer byMeinolf Weber [MVP-DS]MVPSaturday, November 07, 2009 8:11 PM
- Marked As Answer byBruce-LiuModeratorMonday, November 09, 2009 8:02 AM
