Create local user to bypass password policy

-

Problem:

You are trying to create an IIS account for basic authentication, however the domain password policy does not allow you to create such an insecure password.
When trying to edit the local group policy setting of "Password must meet complexity requirements" you run into the issue where the setting is greyed out.


Solution:

The solution is to perform the following commands from an elevated command prompt.
secedit /export /cfg C:\new.cfg
Edit new.cfg and change line “PasswordComplexity = 1″ to “PasswordComplexity = 0″ and if needed any of the other complexity settings such as  "MinimumPasswordLength = 0"
secedit /configure /db %windir%\security\new.sdb /cfg C:\new.cfg /areas SECURITYPOLICY
Perform the user setup as normal.

Use GPUpdate /force to have the original group policy take effect again.

Comments

Post a Comment

Popular posts from this blog

Azure - Check Invitation Status to guest user

-
Image
Often times you will need to invite a 3rd party to your Azure AD tenant to support your environment. When you add them to a resource, they will automatically be invited as a guest user in your Azure AD tenant, however they won't be able to access this until they accept the invitation email. If you send an invite to a guest user you can see if they have accepted the invitation or not. You also have the option to resend the invitation. From Azure AD you can search for guest users and drill down into an individual one. Here is what the email looks like - the key here is the email comes from " [email protected] " because it can be sent on behalf of this may end up in the junk or spam email folder, so be sure to have them check there.
Read more

Blogs for Azure Information

-
Here are some of the blogs that I follow for information around new features in Azure, OMS, Log Analytics, Azure Monitor, etc. Azure Monitoring Services Health Status https://blogs.msdn.microsoft.com/servicemap-status/ Microsoft Azure Roadmap https://azure.microsoft.com/en-us/roadmap/ System Center Me http://systemcenterme.com/ Quae Nocent Docent (Great weekly OMS, SCOM, and Azure Info) https://nocentdocent.wordpress.com/ Operations Management Suite Blog https://blogs.technet.microsoft.com/msoms/
Read more

Azure Point to Site VPN failure with error code 809

-
I ran into some trouble today troubleshooting a developer's workstation. The issue was when using a Point to Site IKEV2 VPN some clients could not connect - they received an error: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g, firewalls, NAT, routers, etc) between your computer and the remote server is not configured to allow VPN connections. Please contact your Administrator or your service provider to determine which device may be causing the problem. (Error 809) The strange thing was that some other workstations seemed fine. After bashing our collective heads against the wall, checking checking the P2SChild, doing all sorts of network troubleshooting to the endpoint DNS name -  azuregateway-8fc2c9e3-26cd-432a-ae47-92b7f6422a5d-e1a7e8cec41d.vpn.azure.com , editing registry, checking firewalls, etc, we finally determined the caus
Read more