cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Windows Server 2012R2 password policy

Theresa Stock
Copper Contributor

‎Aug 13 2020 04:41 AM

‎Aug 13 2020 04:41 AM

Windows Server 2012R2 password policy

When creating new users I am required to enter a password of 14 characters.  I have checked in the default domain policy for the password policy settings and these are not defined so I assume it should pickup the default password length of 7 characters.

 

There are fine grained password settings setup for the domain one for staff and one for students but when creating a new user it is not in any of those groups.

 

How can I find out where and why it is picking up the 14 characters setting?

 

Thanks in advance for any help you can give me:smile:

1,013 Views
0 Likes
3 Replies
Reply
3 Replies
HidMov

‎Aug 13 2020 04:58 AM

‎Aug 13 2020 04:58 AM

Re: Windows Server 2012R2 password policy

Hi @Theresa Stock 

 

In your position, I would run a Group Policy Results against the user and the computer - this should give you information on which GPO's are being applied for the password settings, then drill down at the GPO and see the individual settings.

 

Example from my test domain:

 

gpo.png

 

Hope this helps. Let us know how you get on.

 

Mark

0 Likes
Reply
Theresa Stock

‎Aug 13 2020 08:44 AM

‎Aug 13 2020 08:44 AM

Re: Windows Server 2012R2 password policy

Thanks very much @HidMov 

 

I did that but it seems to have opened up an even bigger can of worms:(  Someone else setup this network and has since left.  I can't see anything in the GPO results that is forcing it to 14 characters.  Although the default domain policy does not have this set, is it possible that it is making the default 14 rather than 7?  I wonder if I should try setting this and see what happens?  I don't want to break anything though!

0 Likes
Reply
HidMov

‎Aug 13 2020 09:28 AM

‎Aug 13 2020 09:28 AM

Re: Windows Server 2012R2 password policy

Thanks @Theresa Stock - very odd. I've not seen any case where the password policy would show as 7 days but revert over to 14, unless there is some kind of 3rd party management app?

 

In AD Poweshell, could you run the following and let me know the result? 

 

Set-ADDefaultDomainPasswordPolicy -MinPasswordLength 16 -Identity contoso.com

 

When you run the GPO Result, does it specify the set password length and the winning GPO as per my previous screenshot.

 

Thanks,

Mark

0 Likes
Reply