Maximum lifetime for user ticket -- maximum time that a user's ticket granting ticket may be used. After that time (default 10 hours) has passed, it must be renewed.
Maximum lifetime for user ticket renewal -- defines the time period within which a ticket can be used for and renewed.
Maximum tolerance for computer clock synchronization -- defines the maximum time difference that is allowed between the time on the client's clock and the domain controller. It is meant to prevent what are called "replay attacks" in which a valid data transmission is maliciously or fraudulently repeated or delayed.
The default settings for passwords on Windows and Active Directory are quite reasonable, though I would change the 7-character minimum password length to something higher. While the lockout features make the success of brute force password attacks highly unlikely -- if this is set and it is not by default, setting users' expectations that password should be longer than 8 characters is likely to improve the security of other accounts they use.