Hi everyone,
I have a fairly... uh, security lax work environment (our VPN password was "test" for like 5 years, that's been fixed now). For various reasons my boss wants our passwords to be set in stone, but one of our new guys changed his password to his username so another new guy could get into his account while he was away.
Now he can't change it back because the default domain policy is something to the effect of "you can't re-use a password until 24 other passwords have been used". I'm trying to change the password history to zero so he can go back to "the password he's supposed to use", but I'm not having any luck.
Our DC is a Windows Server 2008 R2 box. From a workstation as a user with the appropriate rights, I went into Administrative Tools->Group Policy Management, found "Default Domain Policy", poked through Computer...