Hello - I am new to these forums, and in actuallity, I am new to Microsoft Server (any version) and I am having a problem. So far, I have managed to succesfully install Server 2008, add all the users, add a domain, and it all seems to be working thus far. Now, the problem I am having is with passwords. When I went to go login as anyone other than Administrator, it asks me to change the password, but then will not let me change the password to anything except something containing non alpha numerice characters (such as !@#$%) Then, after changing my password to something meeting those, it still wont let me login. It says something along the lines of logging in in that manner is not allowed on this machine (put simply). I was wondering if anyone could point me in the right direction. I do see that the passwords do have to fall under the Password Policy (inside of Local Security Policies) But it will not let me change any of the values

On password complexity... By default a password needs to comply with the Default Domain policy. This means your password needs to meet the minimum password complexity. New passwords must meet the following minimum requirements: The password is at least six characters long. The password contains characters from three of the following four categories: English uppercase characters (from A through Z) English lowercase characters (from a through z) Base 10 digits (from 0 through 9) Non-alphanumeric characters (for example: !, $, #, or %) The password does not contain three or more characters from the users account name. If the account name is less than three characters long, this check is not performed because the rate at which passwords would be rejected would be too high. When checking against the users full name, several characters are treated as delimiters that separate the name into individual tokens: commas, periods, dashes, hyphens, underscores, spaces, number signs (#), and tab characters. Each token that is three or more characters long is searched for in the password, and if it is present, the password change is rejected. For example, the name Erin M. Hagens would be split into three tokens: Erin, M, and Hagens. Because the second token is only one character long, it would be ignored. Therefore this user could not have a password that included either erin or hagens as a substring anywhere in the password. None of these checks are case-sensitive. Although the default password filter (passfilt.dll), which you enable withthe "Password must meet complexity requirements" option, enforces passwords of six characters it is still recommended to define a minimum password length larger than six characters. It is possible to create your own passfilt.dll and replace the default filter. Alternatively you can disable the "Password must meet complexity requirements" option in the Default Domain policy (not recommended) Since policies applied on the Active Directory Domain, Active Directory Site and Organization Unit level overrule local policies it's not a very bright idea to change these values in a local policy on a server that is member of a domain. On logging in as a user on a server... By default you cannot interactively login to a Domain Controller with useraccounts, that are not member of the Domain Admins, Administrators, Server Operators or Backup Operators group. You can change this default behavior on Domain Controllers in the Default Domain policy or the Default Domain Controller policy. On non-Domain Controllers you can change this behavior in the Local Security policy.