In previous versions of Active Directory, we had only one password policy for the entire domain. Some companies had to use multiple domains to place different password policies on different users or buy third party solutions. In Windows Server 2008, you can use fine-grained password policies to specify multiple password policies and apply different password restrictions and account lockout policies to different sets of users within a single domain.
Password polices are designed to control what kind of password a user can have and how often the user needs to change it. Strong password policies are important to help protect your system and data.
This video shows step by step configuration of fine-grained password policy introduced in Windows 2008 and in Windows 2008 R2.