Jump to content

Secuirty Settings in GPO


sorinn
 Share

Recommended Posts

What is the difference between linking a GPO with security settings for user accounts customized ( minimum pwd age, enforce pwd history ) to the Domain level, to Domain Controllers, to a particular OU?

Link to comment
Share on other sites


Domain controller would mean any policy would also be applied to the domain controller (i.e. if you had a disclaimer this would also show when accessing the domain controller account) whereas if it was applied to an OU it would only effect those accounts within the OU and not the domain controller.

Link to comment
Share on other sites

I meant Password Policy, which at the OU level affects only local users for the machines in the OU.

What happens when assigning a GPO with a new password policy to DC container? Does this affect only the users who log on on the DC?

Link to comment
Share on other sites

Password policies are machine level. If you enforce a password policy on the domain controller(s), it will affect all domain accounts since they reside on the domain controller(s). So regardless of where the domain user physically logs in (workstation or DC) they will be forced to use the password policies set on the domain controller(s).

Although I'm not sure why you would do this, you can enforce a different password policy on workstations than from the domain controllers. These policies would only apply to local workstation accounts though.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...