Re: password policy/complexity
From: Dmitry Korolyov [MVP] (d__k_at_removethispart.mail.ru)
Date: 03/17/04
- Next message: George Sinkinson: "Re: Cannot find the file ..."
- Previous message: Frank: "Off-Line Folders and Synchronization"
- In reply to: robb: "password policy/complexity"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 17 Mar 2004 21:19:48 +0300
Allright. I guess we are talking about domain accounts, not local user
accounts here? In case of domain user accounts, there may be only one
account policy (and therefore password policy) per domain. Password
policies, including password length and complexity settings, should be
defined at a domain level.
For more details, see KB255550, How to configure account policies in Active
Directory and KB 259576, Group Policy Application Rules for Domain
Controllers.
Any account and password policies defined at an OU level will apply only to
the local user accounts created on the computers located in that OU.
-- Dmitry Korolyov [d__k@removethispart.mail.ru] MVP: Windows Server - Active Directory "robb" <anonymous@discussions.microsoft.com> wrote in message news:7D629109-F3F0-4444-AB7C-E644BABC0ED8@microsoft.com... I deployed a Win-2003 server/domain and intially disabled the password complexity via the group policy editor and now want to enable it. I changed the necessary settings in 'ComputerConfig-WindowsSettings-AccountPolicies-PasswordPolicies", and even triggered a 'gpupdate /force", but when I try to update a client password for a domain user on a member PC the policy settings aren't enforced even after re-booting the PC. (I've made certain that I'm editing the policy of the OU to which my user/PC are a member of) Am I missing something here ? thx, ~~Robb
- Next message: George Sinkinson: "Re: Cannot find the file ..."
- Previous message: Frank: "Off-Line Folders and Synchronization"
- In reply to: robb: "password policy/complexity"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
