Create local user to bypass password policy

Problem:

You are trying to create an IIS account for basic authentication, however the domain password policy does not allow you to create such an insecure password.
When trying to edit the local group policy setting of "Password must meet complexity requirements" you run into the issue where the setting is greyed out.


Solution:

The solution is to perform the following commands from an elevated command prompt.
secedit /export /cfg C:\new.cfg
Edit new.cfg and change line “PasswordComplexity = 1″ to “PasswordComplexity = 0″ and if needed any of the other complexity settings such as  "MinimumPasswordLength = 0"
secedit /configure /db %windir%\security\new.sdb /cfg C:\new.cfg /areas SECURITYPOLICY
Perform the user setup as normal.

Use GPUpdate /force to have the original group policy take effect again.

Comments

Popular posts from this blog

Azure - Check Invitation Status to guest user

Advice for breaking into the DevOps field

Blogs for Azure Information