moinuddin_sh Posted December 5, 2007 Posted December 5, 2007 I want to define password policy (lengh, age etc.) under the group policy of a user group. I did it "Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\" but when a user of this group login to domain, this policy has no effect on the user.
fizban2 Posted December 5, 2007 Posted December 5, 2007 once the user is logged on, run from the command prompt gpresultis the GPO that you created listed as being applied? if not run gpupdate /force from the command line and log off the machine. double check the GPO is connected to the correct out. if you have not already done so i would suggest downloading the Group Policy Management Console from Microsofts site
nmX.Memnoch Posted December 11, 2007 Posted December 11, 2007 If I'm not mistaken you can currently only have one password policy in the domain (this may change with Windows Server 2008). I believe it also has to be specified in the Default Domain Policy (or the Default Domain Controller Policy). Keep in mind that the user accounts are stored on the Domain Controller(s) so applying this setting to any other computers will only apply to local accounts on those computers, not the domain accounts. This is a setting that needs to be enforced on the Domain Controllers since there's where the user accounts are stored.
nitroshift Posted December 11, 2007 Posted December 11, 2007 If I'm not mistaken you can currently only have one password policy in the domain [...]Correct!
cluberti Posted December 11, 2007 Posted December 11, 2007 I believe it also has to be specified in the Default Domain Policy (or the Default Domain Controller Policy).Also correct!
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now