Creating AD Group Policies

After installing Active Directory and working with it for about a week you maybe like me and are sick of the crazy default password restrictions. The solution is to create your own group policy. To do this you just need to follow these steps:

Step 1: Disable the Default Group Policy


Step 1

In your Server Manager click Features>Group Policy Management>Forrest:Your Domain>Domains>Your Domain. Then Right click on the Default Domain Policy and uncheck Enforced and Link Enabled. This should disable the policy, but I like to disable the functions itself so click Edit.

Step 2

Within this window right click on the top Default Policy and choose Properties.

Step 3

Check the box that Disables Computer Configuration settings and Disable User Configuration settings.

Step 2: Create a New Group Policy


Step 4

Close out and right click on your domain and choose Create a GPO in this domain, and Link it here… After that a pop-up comes up and you can name it what you wish. Following that you will see it listed next to where you found the Default Domain Policy. You can right click that again and choose Edit.

Step 5

Here you need to navigate to the Password Policy as in the image and here you can edit the following rules. These rules are pretty simple, but they are to require passwords to be not used within so long in the past, not so old, not to be changed so fast, this long in length, the password is complex enough, and encryption.

Enjoy and if you have any questions comment or send me a message on from the Contact Page.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.