How to disable (turn off) the default Windows 2012 Administrator Complexity
1. Open the Administrative Tool
2. This places you in the Administrative Tools section. Select Local Security Policy.
3. Change the password Must Meet Complex Requirements option to Disabled.
In a Domain Environment, for an Active Directory Domain Server.
-
- In the Server Manager click on Tools and from the drop down click Group Policy Management
-
- Expand Forrest >> Domains >> Your Domain Controller.
NOTE: There are some steps in the comments that some have made, that advise of additional steps at this point. Try without, but if you fail… have a look in the comments.
- Expand Forrest >> Domains >> Your Domain Controller.
-
- Right click on the Default Domain Policy and click on the Edit from the context menu.
-
- Now Expand Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy
-
- Double-click on the Passwords Must Meet Complexity Requirements option in the right pane.
-
- Select Disabled under define this policy setting:
-
- Click Apply then OK all the way out and close the GPO window.
- In order to refresh the policy type the following command: “gpupdate /force” in the CMD window and click ENTER.
There is a step missing between 2 and 3
What step?
doesn’t work followed these steps and any other version of server it does work using same method so seems 2012 is got a fault
just did it and its working perfectly & no steps are missing , great guide and keep up the good work
P.S . ignore haters
Thank you for the feedback.
There is a real step missed between 2 and 3 which is:
After expanding the domain, click on Group Policy Objects in the left column of the screen (and then in the right side of the screen you see Default Domain Policy which takes you to step 3)
So, nothing about haters. Just users that found this page as I did and want others to benefit from accuracy.
In the windows server 2012 R2, in the steps between 2 and 3, you must execute these step:
Account Policies -> Password Policy, then you can change “Password must meet complexity requirements” to “disable” in the right panel.
Thanks for the additional details.
Just because it worked for you does not mean it works for everyone. Please keep your passive aggressive “ignore haters” comments to yourself.
Exactly! I kept wondering what am I missing!
The comments section helped me.
“Account Policies -> Password Policy, then you can change “Password must meet complexity requirements” to “disable” in the right panel.”
Thanks @Charly.
Thanks @James for the good comment
what if the Default Domain Policy edit option is greyed out? how to do enable it?
Likely not logged in with the Domain admin account but rather the computer admin?
The step missing between 2 and 3 is ‘Select Account Policies/Password Policy’
Thanks.
This worked for me on Server 2012R2
I had the same error and it turned out the administrator password requirement was disabled. i had to turn it back on through net user. open command prompt type net user hit enter then type “net user administrator /passwordreq:yes”
Group Policy not working but Local Security Policy works, why?
Not sure actually.
Best explanation ever
Works great. Perfect explanation. Thank you
Most Welcome.
This also works on Server 2016 (role: Domain controller).
It worked.
Good steps … Thanks
Very helpful. Thanks!
Worked, great
What are the default password complexity settings in Windows server 2012 R2?
I disabled, but its still very hard to get a new password to work?
Example i tried to reset this users password with the below and it did not accept it:
XegpT#293@
WTF? The min character is set for 8 and i do not see anywhere else why that would not be a good password.
Have a great day everyone!