Create local user to bypass password policy
Problem:
You are trying to create an IIS account for basic authentication, however the domain password policy does not allow you to create such an insecure password.
When trying to edit the local group policy setting of "Password must meet complexity requirements" you run into the issue where the setting is greyed out.
Solution:
The solution is to perform the following commands from an elevated command prompt.
Perform the user setup as normal.secedit /export /cfg C:\new.cfgEdit new.cfg and change line “PasswordComplexity = 1″ to “PasswordComplexity = 0″ and if needed any of the other complexity settings such as "MinimumPasswordLength = 0"secedit /configure /db %windir%\security\new.sdb /cfg C:\new.cfg /areas SECURITYPOLICY
Use GPUpdate /force to have the original group policy take effect again.
Comments
Post a Comment