Alright I have tried my test and the situation gets even weirder than before:
1. If a create a brand new domain admin account on a domain that never had a domain administrator and try one of the common passwords, a red box appears at the top of the screen notifying me of password complexity requirements are not met. So that is working as it should.
2. If I log into a previous account that has a domain admin (not impersonate), in this case I logged into the account that was able to make the simple password initially, it just lets me create a user account with any password I want and ignores the password requirements as I posted above. I verified that this user is in fact a Domain Admin and he is and only sees their own users. So I took this a step further in the next step.
3. So on the same domain where the domain admin can create any password they want, I created a brand new domain admin account, log out and log into they fresh domain admin account I can create any password I want just like I did with the previous domain admin.
4. I logged into another domain that has had a domain admin and tried the same test, I get the same results as i did for the previous domain. I can create any password i want without the system stopping me.
So here's my observations on this, any domain we host that has had domain admins on them through the various updates we have done can create user accounts with any passwords they want without being subjected by the password requirements. Even if I create a new domain admin on those same domains that have had domain admins on them previously also exhibit the same behavior of not being subjected to the password requirements section as if they were a System admin, but without the entire list of every domain we host. Now if I go to a domain we host that has never had a domain admin and create a fresh one for the first time, then the rules apply here like they should if i try to create a password that is either on the common_passwords list or any of the password requirements we have in place.
I even went as far as revoking a domain admin, logging in as them as a regular user, logging out, upgrading their domain admin rights again, log back in and I am back to square one with being able to create any password I want and not be subjected to the password requirement section again.
So I went a step further and logged into the console of the server, went to their domain folder, went to the domain admin account on that domain and checked the userConfig.xml file to be sure it had them listed as a domainAdmin and it does. So there you have it and I am certain that tech will need to get involved with this.
I am guessing that you created a new domain admin on your test copy for a domain that never had one correct? Do you have a domain on your test box that has had a domain admin for awhile and has been through several updates?