Server 2008 & now 2012 Tweaks

home | blog | Terrible people and places | Covid-19 links | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts

With the economy as it is these days, you should make sure the customer is insecure by changing things on new non-domain installs.
If they are not a regular customer, and won't pay for support on future calls, you can make the environment insecure (just like the old one was)!
This will ensure you don't get calls about having to set strong passwords (and renew them on a 42 day default schedule)!
For customers that don't think they need strong passwords:
gpedit.msc -> Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy -> Password must meet complexity requirements - disabled
Might just want to crank Maximum password age down to zero while you are there as well

In Server 2012 password age - they just had to move it did they not?
You will need to "search" for Local Security Policy
Security Settings -> Account Policies -> Password Policy -> Maximum Password Age = 0 for never.