none
Does not apply complex password.

    Question

  • I currently have a password policy set up on my domain. When a user tries to change the password, the GPO allows you to leave the password blank even though the complexity is active. Thank you.

    Wednesday, November 16, 2016 3:11 PM

Answers

  • Hi,

    Is it a AD DS(Active Directory Domain Service) environment?

    If yes, you should configure the default domain group policy in your domain.

    For domain accounts, there can be only one account policy per domain(except fine grain password policy). The account policy must be defined in the Default Domain Policy or in a new policy that is linked to the root of the domain and given precedence over the Default Domain Policy, which is enforced by the domain controllers that make up the domain. A domain controller always pulls the account policy from a Group Policy object (GPO)linked to the domain, which by default is the Default Domain Policy GPO. This behavior occurs even if there is a different account policy applied to the organizational unit (OU) that contains the domain controller.

    For more information, please refer to the article below.

    Account Policy Settings

    https://technet.microsoft.com/en-us/library/cc757692(v=ws.10).aspx

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by alopezt24 Tuesday, November 22, 2016 5:03 PM
    Thursday, November 17, 2016 1:34 AM
    Moderator