Sage 300 2023 SP5 authentication method

SOLVED

When upgrading to Sp5 and using the new security model I have trouble making users with the Sage 300 authentication method.   It indicate that a password needs to have at least 1 upper or lower case value and a special character but that is not set in the local security policy.   When I make the user a windows user (on a domain) there are no issues.   

With Sage 300 authentication where is it getting that policy for # of characters and 1 upper and 1 lower and a special character.  Is that somewhere within sage and a default?  if that is the case what is the default for account lockout or password history that it will user.