HOWTO: Disable complex password policy on Hyper-V Server 2008?

security password hyper-v-server-2008-r2

How do you disable the password complexity requirements on a Microsoft Hyper-V Server 2008 R2?

Keep in mind that when you log into the server, the only UI you have is:

alt text

And you cannot run gpedit.msc:

C:\Users\Administrator>gpedit.msc
'gpedit.msc' is not recognized as an internal or external command, 
operable program or batch file.

because there are no .msc snap-ins installed with Microsoft Hyper-V Server 2008 R2.

The problem comes when you're trying to add an account to the server, so you can manage it, but it doesn't like most passwords:

alt text

And, predictably, typing

NET HELPMSG 2245

gives you

The password does not meet the password policy requirements. Check the minimum p
assword length, password complexity and password history requirements.

i hoped it would have been a friendly user experience, and either:

  • offered to disable the password policy
  • tell me how to disable the password policy
  • tell me how to check the minimum password length, password complexity and password history requirements.

Password Complexity Requirements

The Microsoft's default password complexity for Server Core is:

  • Passwords cannot contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
  • Passwords must be at least six characters in length.

  • Passwords must contain characters from three of the following four categories:

    1.English uppercase characters (A through Z).

    2.English lowercase characters (a through z).

    3.Base 10 digits (0 through 9).

    4.Non-alphabetic characters (for example, !, $, #, %).

External links

  • Technet Forums: Hyper-V Server disable complex passwords
  • Technet: Passwords must meet complexity requirements of the installed password filter

Update: 2k views? So many people keep coming coming to it: up-vote it!


You can export security settings with:

secedit /export /cfg X:\new.cfg

Then you edit new.cfg (it is ini format) and change line "PasswordComplexity = 1" to "PasswordComplexity = 0". Apply it on Hyper-V server with:

secedit /configure /db C:\Windows\security\new.sdb /cfg X:\new.cfg /areas SECURITYPOLICY

You can find more details in this blog post.

Related

One large RAID 10 vs several smaller arrays?
Tail and wildcard characters
MySQL: table is marked as crashed
How to filter on a the contents of a packet in Wireshark?
How do I set the default group for a vsftpd user's uploads? (ubuntu 10.04)
Run a Program Without User Being Logged On
Is it possible to get an inventory of all physical hard disks on a linux server?
TCP/IPv6 thru ssh tunnel
Slappasswd output randomized
Hard drive read errors that... stop?
Proper Sizing for PDU's/Power in Rack
MySQL, is there a way to tell when was database last changed/modified?