I need to automatically set the following local password policies on a number of standalone Windows 2008 Server machines:
Maximum password Age
Minimum password Length
Password must meet minimum complexity requirements
Are there registry settings for these settings? Googling around suggested the following keys:
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
Sadly they don't seem to apply to Windows 2008.
Best Answer
The items you wnat to change are stored in the registry, but not in a place that you really want to be playing around "by hand".
Since these aren't domain-member computers, you'll want to change these items in the local security policy. You can get there quickly by running "SECPOL.MSC" from the "Start" button. Dig into "Account Policies" and "Password Policy" and you'll find the settings you're looking for.
After you modify the settings either reboot or run "GPUPDATE" to cause the changed settings to take effect.
If you have any number of machines to do this to you can use the "Export Settings..." functionality in the Security Policy editor to export the settings to an INF file. To apply that INF file on other servers, copy the INF file over to them and execute: