Lowering Password Complexity Requirements of New AD Accounts

It’s funny how much you forget when you don’t touch it for a long time. It’s also kind of funny how quickly you can pick it back up.

I was setting up some new user accounts on my home domain and I realized that the password complexity requirements were too annoying for my users. If you are using a Windows Server 2008 R2 AD, you can do the following to remove the password complexity requirements:

How to Change Active Directory Password Policy in Windows Server 2008

  1. Click Start, click Administrative Tools, and then click Group Policy Management.
  2. Under Group Policy Management window, go to Forest > Domains > {your domain} > Default Domain Policy, click on the Settings tab you can see the default password policy applied to your domain user accounts.Unfortunately, there is no option for you to edit or change the default domain policy. The only way to change your password policy is to create a new domain policy to overwrite the default domain policy.
  3. To create a new domain policy, please click on your domain name in the left panel, then select Create a GPO in this domain, and Link it here….
  4. Now right-click on the domain policy you’ve created and then click Edit.
  5. In the appearing window, go to Policies > Windows Settings > Security Settings > Account Policies > Password Policy.
  6. You can double-click on the Password must meet complexity requirements in the right pane to disable the setting, or double-click on Minimum password length to change the password requirement, and so on.
  7. After you complete the editing of your domain policy, right-click on your new domain policy and tick the Enforced and Link Enabled to make your changes to take effect.

More info: http://www.top-password.com/blog/how-to-change-active-directory-password-policy-in-windows-server-2008/

Note that when you change GPO policies, you’ll have to update them on your machine before they’ll take effect. Just run gpupdate to do that. If you want to see the policies that are being enforced, you can run rsop.msc.

Studying for the Office 365 70-346 Exam

51CszP0+8ZL._SX407_BO1,204,203,200_

I started studying for the Office 365 70-346 exam like a week ago, and I feel like it’s been going a lot slower than expected. I have a really good background managing cloud environments (well technically on-site environments, but hosted on the cloud), so I thought I would breeze through everything. I guess I kind of am breezing through it…but the material is really dry.

I bought the “officially recommended” book to study for the exam. Usually when studying for certifications I opt for paperback books, but since this book is only 200ish pages (and I thought it would be a quick read) I went for the kindle only edition. I paid about $17.50. The release date of the book was 29 days ago, so I assume that the material is up to date. Which is important apparently, because the book itself will tell you that the material within may become out-dated at any time. I’m sure Microsoft will make money selling newer editions.

Most of the book material is actually extremely easy if you have a production IT background. Once you understand the idea of Office being hosted in the cloud, and how to replicate on-premise solutions to Microsoft servers, the conceptual stuff is cake. I think that if there is any difficulty, it will be the powershell cmdlets that need to be memorized. Chapter 3 of the book has about 10 pages that just list out cmdlets and what they do. Since I don’t actually manage an Office 365 environment for work, I’ll probably have to flashcard-memorize those commands.

I will say this: do NOT watch the free videos on the Microsoft Academy website if you are trying to prepare for this test. They are absolutely boring, and you’ll waste many hours just watching Microsoft agents spout advertisements for their product. I gave up after the first couple videos, even though my managers told me to study for the exam using that method. I believe the book and possibly CBT nuggets will be easier to digest. So far I’m about 65% done reading the book; I should finish the rest within a week and begin the actual memorization of information.

Supposedly the test will cover the below objectives.  I think that questions from objectives 1-3 will be easy after reading the book, especially since the questions are multiple choice. 4-5 might will require memorization of Powershell cmdlets and what they do. 6 will only be difficult if the test is written poorly. From my experience with “troubleshooting” questions, even if you know the material well, you have to guess what the correct answer is based on what the exam writers want. This will be my first Microsoft test. Hopefully things go well.

  1. Provision Office 365 (15–20%)
  2. Plan and implement networking and security in Office 365 (15–20%)
  3. Manage cloud identities (15–20%)
  4. Implement and manage identities by using Azure Active Directory Synchronization (AADSync) (15–20%)
  5. Implement and manage federated identities for single sign-on (SSO) (15–20%)
  6. Monitor and troubleshoot Office 365 availability and usage (15–20%)

As an MDM specialist trying to improve my skillset, I think learning Office 365 is a good lateral move. Considering the millions Microsoft is investing to keep these services up and running (99.9%!), I can see a lot of customers willing to pay good money for support.