Tag Archives: windows

Creating AD Group Policies

After installing Active Directory and working with it for about a week you maybe like me and are sick of the crazy default password restrictions. The solution is to create your own group policy. To do this you just need to follow these steps:

Step 1: Disable the Default Group Policy


Step 1

In your Server Manager click Features>Group Policy Management>Forrest:Your Domain>Domains>Your Domain. Then Right click on the Default Domain Policy and uncheck Enforced and Link Enabled. This should disable the policy, but I like to disable the functions itself so click Edit.

Step 2

Within this window right click on the top Default Policy and choose Properties.

Step 3

Check the box that Disables Computer Configuration settings and Disable User Configuration settings.

Step 2: Create a New Group Policy


Step 4

Close out and right click on your domain and choose Create a GPO in this domain, and Link it here… After that a pop-up comes up and you can name it what you wish. Following that you will see it listed next to where you found the Default Domain Policy. You can right click that again and choose Edit.

Step 5

Here you need to navigate to the Password Policy as in the image and here you can edit the following rules. These rules are pretty simple, but they are to require passwords to be not used within so long in the past, not so old, not to be changed so fast, this long in length, the password is complex enough, and encryption.

Enjoy and if you have any questions comment or send me a message on from the Contact Page.

Windows Clock/NTP Sync

For awhile I noticed that my desktop’s clock was off by about an hour and some and this finally bugged me enough to find the cure. Essentially it was my active directory server’s clock was off as well and that’s where the desktop’s clock pulls its time from. So with a few google hits I found how to force a refresh of the clock. In command line simply punch in:

w32tm /resync

Unfortunately my Windows 2008 R2 server only spit out this error after that:

C:\Users\Administrator> w32tm /resync
Sending resync command to local computer
The computer did not resync because no time data was available.

After googling around I then found a series of commands to sync to another NTP server:

C:\>netdom /query fsmo
C:\>net stop w32time
C:\> w32tm /config /syncfromflags:manual /manualpeerlist:"0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org"
C:\>w32tm /config /reliable:yes
C:\>net start w32time
C:\>w32tm /query /configuration

Following this all clocks were running on time for once.