Quote:
-Maximum password age - 15 days (thats my level of paranoia for a home computer when -implimenting the same in a diffrent enviourment use your own level our paranoa )
-Minimum password age - 0 days
-Minimum password length - 21 characters
-Password must meet complexity requirements - Enabled
-Store passwords using reversible encryption for all users in the domain - Disable
judging by this policy, especially the short TTL on the passwords and the length Id guess you have never had to set policy for a non-tech staff before. Good luck trying to get 100+ people to remember a password that is 21 characters long, complex (so it includes letters numbers and symbols) and that they have to change every 15 days. I hope your helpdesk is ready to reset passwords VERY often.