Does it have a custom GINA? ________________________________
From: John Hornbuckle [mailto:[email protected]] Sent: Friday, March 19, 2010 10:46 AM To: NT System Admin Issues Subject: RE: Determining Password Complexity Requirements Thanks-we'll check this out. The other weird thing is that we can't access the machine via Remote Desktop or Remote Assistance. We have group policies to enable these, but either they're not accepting connections on this machine or there's some other software blocking access. We checked Windows built-in firewall, and it's configured to allow (our domain policies configure this). Grrr.... From: Joe Tinney [mailto:[email protected]] Sent: Friday, March 19, 2010 1:39 PM To: NT System Admin Issues Subject: RE: Determining Password Complexity Requirements John, Try running secpol.msc (Local Security Policy) and looking at Account Policies > Password Policies and see if that differs from the information you are seeing in gpedit.msc (Local Group Policy). I can't recall if they are different or if they operate independently, but it can't hurt. Also, from my experience, this is one of those settings that doesn't revert itself once the policy is no longer applied to the machine. I've had to go in and manually change this when we've needed to take the machines off the domain and use them for other purposes. Best of luck, Joe From: John Hornbuckle [mailto:[email protected]] Sent: Friday, March 19, 2010 11:26 AM To: NT System Admin Issues Subject: Determining Password Complexity Requirements We have a machine that the Army sent our ROTC folks, and it's giving us a hard time. It's not our standard machine, and came pre-configured from the Army. We joined it to our domain, and it seems to be picking up group policy from the domain-but a couple of things still aren't right. The biggest issue is that something on the machine seems to be requiring passwords of greater complexity than our domain policy requires. What I can't figure out is (A.) why that is and (B.) what those requirements are. I had my technician run gpedit.msc on the machine and look under Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy. All of the settings there match our regular domain settings. And yet every time she tries to set a local account's password to one that we know meets those requirements (because it's one we use on multiple machines with no problems), Windows pops up a dialog saying it doesn't meet the requirements. But if we put in a (much) longer and more complex password, the system will take it. I ran through the fix from MSKB 313222, but to no avail (although that did fix several other settings the Army had imposed on the machine). So, what the heck? Where is this machine getting its ideas about password requirements from? And how can I determine what those requirements are? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
