Password policy problem windows server 2008

Your member computer is picking up its local password policy settings from the "Default Domain Policy" (in a stock configuration) but you can override it by applying a group policy object with the password policy settings you'd like at the OU of that machine (or, really, anywhere lower than the top of the domain but above that computer object's path).

As long as you don't put another password policy into a GPO at the root of the domain you won't cause changes to the domain-wide password policy (used for AD accounts by domain controllers).

You might see things about granular password policies in W2K8, but this isn't what you're looking for. What you want can be done in every version of AD back to W2K, because it only applies to local accounts on member computers.

I assume the GPO you were changing was the Default Domain GPO; that is the only one that affects domain userid's. GPO's on OU's only affects local accounts on domain-member computers that are in that OU.

Although domains in Win2008 mode can do OU-based policy however I have not researched how nor the details.