Programmatically Set Local Security Settings in Windows

Hello good people of Stack Overflow,

I am having a hard time trying to figure out a way to do this (or even if it is possible). I am trying to programmatically set (not just read, which I can do just fine) Local Security settings on Windows 7. I don't know if I'm referring to those correctly, but basically I want to change things under "Computer Configuration\Windows Settings\Security Settings\Account Policies."

Things I have tried/researched:

Setting group policy using IGroupPolicyObject/registry settings...I can do this for group policy in administrative templates, but security settings don't appear to have anything to do with the registry.
Setting values using ADSI...I can't find any examples of how to set the policy for the whole computer--all I can find are examples of setting things like password expiration for specific users in AD.
WMI--I cannot find any examples of actually setting security policy with WMI--I can read values just fine using the RSOP_ classes but those appear to be read-only. Also, I can't seem to really figure out what exactly is available to me with WMI because there doesn't really seem to be any comprehensive documentation.

Any thoughts (or better yet, examples?) This is driving me crazy--there seem to be 30,000 different possible ways to do this, but none of them are particularly helpfully documented and I feel like I'm drowning in alphabet soup.

Thanks!

Solution

Most of the settings under "Account Policies" can be configured using NetUserModalsSet with either USER_MODALS_INFO_0 (password policy) or USER_MODALS_INFO_3 (account lockout policy).

However, I couldn't find any way to configure "Password must meet complexity requirements" or "Store passwords using reversible encryption".