Server Password Policy

最後更新: 2020-06-19

目錄

  • Standalone Server Password Policy
  • Domain Controller Password Policy

 


Standalone Server Password Policy

 

gpedit.msc

"Computer Configuration" -> "Windows Settings" -> "Security Settings" ->

"Account Policies" -> "Password Policy"

 * Password must meet complexity requirements (Default: Enable)

 * Maximum password age (Default: 42)(never expire by setting the number of days to 0.)

 * Enforce Password History (Default: Standalone: 0, DC: 42)

 


Domain Controller Password Policy

 

Select

Administrative Tools > Domain Security Policy from

Security Settings > Account Policies > Password Policy.

Right-click on Minimum password length in the right pane.

  • Enforce password history ("0" = 不過期)
  • Maximum password age
  • Minimum password age
  • Minimum password length
  • complexity requirements
  • Password must meet complexity requirements

S2016 / S2012 / S2008

DC 要在 "Group Policy Management" 改 Password Policy

展開 Forest -> 展開 Domains -> Select YOUR_DOMAIN -> Right Click "Default Domain Policy" Select "Edit"

Computer Configuration > Policies > Windows Settings > Security Settings > Account Policies > Password Policy