none
Password policy on Windows 2008 R2.

    Question

  • Is there away to force password policy on Windows 2008 R2 AD to accept complex passwords of at least “letters and numbers”, so passwords should contain any combination of letters and number WITHOUT the requirement of “special characters”.
    Tuesday, February 16, 2010 7:24 PM

Answers

  • Howdie!

    CHQM schrieb:
    > Is there away to force password policy on Windows 2008 R2 AD to accept
    > complex passwords of at least “letters and numbers”, so passwords should
    > contain any combination of letters and number WITHOUT the requirement of
    > “special characters”.

    No, this isn't possible with built-in functionality. The feature
    enforces three out of four items (numbers, special characters, lowercase
    letters, uppercase letters). Probably a third-party tool does that for you.

    Cheers,
    Florian

    Microsoft MVP - Group Policy (http://www.frickelsoft.net/blog)
    Tuesday, February 16, 2010 7:35 PM
  • Florian is correct that the functionality you are looking for is not included in the box.  You will need to look at other solutions to integrate.

    Here is an example of one:
    http://anixis.com/products/ppe/


    I have never used this product nor am I endorsing it.  I just wanted to provide you with an example so that you can do more research on your own.  There are several products on the market that provide this functionality.
    Visit my blog: anITKB.com, an IT Knowledge Base.
    Wednesday, February 17, 2010 1:19 AM

All replies

  • Howdie!

    CHQM schrieb:
    > Is there away to force password policy on Windows 2008 R2 AD to accept
    > complex passwords of at least “letters and numbers”, so passwords should
    > contain any combination of letters and number WITHOUT the requirement of
    > “special characters”.

    No, this isn't possible with built-in functionality. The feature
    enforces three out of four items (numbers, special characters, lowercase
    letters, uppercase letters). Probably a third-party tool does that for you.

    Cheers,
    Florian

    Microsoft MVP - Group Policy (http://www.frickelsoft.net/blog)
    Tuesday, February 16, 2010 7:35 PM
  • Florian is correct that the functionality you are looking for is not included in the box.  You will need to look at other solutions to integrate.

    Here is an example of one:
    http://anixis.com/products/ppe/


    I have never used this product nor am I endorsing it.  I just wanted to provide you with an example so that you can do more research on your own.  There are several products on the market that provide this functionality.
    Visit my blog: anITKB.com, an IT Knowledge Base.
    Wednesday, February 17, 2010 1:19 AM
  • Thank you all for the information, However, I think Microsoft should implement such feature in their next server OS........

    It's really important to have such flexibility, specially when you have +1000 users.
     
    Wednesday, February 17, 2010 7:27 AM
  • That is true, but its always a good idea to allow other companies to grow the technology.  That's how you expand on innovation.
    Visit my blog: anITKB.com, an IT Knowledge Base.
    Wednesday, February 17, 2010 6:24 PM
  • Change the local policy of the domail controller, problem will solve

    Saad

    • Proposed as answer by MuhammadSaad Tuesday, July 19, 2011 11:01 AM
    Tuesday, July 19, 2011 11:01 AM
  • o clarify, once you enable the "Complex Password" setting, the password for the user account will require 3 out of the 4 types of characters (A,a,1,$) to satisfy the policy.  The original poster is asking if the policy can be further simplified.  The policy cannot be.

    In addition, please note that this posting is over 1 year old and has already been marked as answered.  There is really no reason to add to this post unless new information is presented that can benefit the online community.

     

     


    Visit: anITKB.com, an IT Knowledge Base.
    facebook Follow me on Facebook.
    Tuesday, July 19, 2011 1:46 PM