Skip to main content
InSource Solutions

TN WW164 Modifying the Password Policy for Active Directory Users




This article from InSource shows how to modify the password policy restrictions for Active Directory users.

  • Author: Rich Brooks
  • Published: 7/8/2016
  • Applies to: Windows Server 2008R2 and higher


Wonderware applications often reside on servers or workstations that are members of a domain.  A dedicated domain separate from the domain used on the business network is sometimes configured for the process network.  It is often necessary to modify the default Active Directory password policy to support operator logins from the HMI. 

The first step is log into the the Active Directory server as a domain administrator.  


Select the start button to open Administrative Tools | Group Policy Management.


Expand the tree on the left panel to locate Group Policy Management | <forest name> | Domains | <domain name> | Group Policy Objects | Default Domain Policy.  Right-click on Default Domain Policy to select Edit.... from the drop down list.

The Group Policy Management Editor opens in a separate window.


Expand the tree in the left panel to locate Default Domain Policy | Computer Configuration | Windows Settings | Account Policies | Password Policy.  Modify the policies to the right with the required password restrictions.  Close the window to save the changes.  

Note:  Disabling the 'Password must meet complexity requirements' policy may reset the other password policies when the change is saved.  It is best to disable this option first and then save the changes before modifying the other password policies.