Re: GPO security settings not applied
From: Cary Shultz [A.D. MVP] (cwshultz_at_mvps.org)
Date: 02/17/05
- Next message: Andrew Mitchell: "Re: Applying Group Policies"
- Previous message: pdigiacinto: "Re: Enable DHCP using GP...?"
- In reply to: lforbes: "Re: GPO security settings not applied"
- Next in thread: Henri Visser: "Re: GPO security settings not applied"
- Reply: Henri Visser: "Re: GPO security settings not applied"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 16 Feb 2005 21:37:11 -0500
Lara,
I promise that I am not following you!
The Password Policy is indeed set at the Domain - level. I like to use the
Domain Security Policy to set this. You can do this in the Default Domain
Policy if you like.....
However, you can indeed set a password policy at the OU - level! Please
note that this would be set on an OU in which computer account objects
directly reside and would affect only local user accounts ( note: not domain
user account objects! ).
-- Cary W. Shultz Roanoke, VA 24014 Microsoft Active Directory MVP http://www.activedirectory-win2000.com http://www.grouppolicy-win2000.com "lforbes" <UseLinkToEmail@WindowsForumz.com> wrote in message news:42139e9f$1_5@alt.athenanews.com... > "Henri Visser" wrote: > > Hi, > > > > I have the following OU & GPO structure: > > > > Domain - Default Domain GPO > > |_ Company - Company GPO > > |_ Head Office > > |_ IT - IT GPO - Enforced - Block Inheritance > > |_ Finance > > |_ Marketing > > |_ etc... > > |_ Branch 1 > > |_ Branch 2 > > |_ etc... > > > > Default domain GPO has been left as installed. > > > > I have set some security options in the Company GPO. (Password > > length, > > expiry, time before change allowed, etc.) > > > > I have blocked inheritance on the IT OU and created a GPO for > > the IT OU that > > has some security options (password never expires, no minimum > > time on > > password, etc) > > > > My user and computer are both in the IT OU, however when I try > > to change my > > password it appears as if I have the password related settings > > from the > > Company GPO. User settings in the IT GPO (ex. IE settings) etc > > are applied > > correctly. > > > > Any ideas? > > > > Thank you very much > > > > Henri Visser, MCSE 2000 > > Hi, > > Security Settings like Password length etc need to be set at the > Domain Level to be applied. That is what the MS documentation says. It > is not something you can set at the lower OU's. > > That is by design. I haven't found a way around it yet. > > Cheers, > > Lara > > -- > Posted using the http://www.windowsforumz.com interface, at author's > request > Articles individually checked for conformance to usenet standards > Topic URL: > http://www.windowsforumz.com/Group-Policy-GPO-security-settings-applied-ftopict265797.html > Visit Topic URL to contact author (reg. req'd). Report abuse: > http://www.windowsforumz.com/eform.php?p=832195
- Next message: Andrew Mitchell: "Re: Applying Group Policies"
- Previous message: pdigiacinto: "Re: Enable DHCP using GP...?"
- In reply to: lforbes: "Re: GPO security settings not applied"
- Next in thread: Henri Visser: "Re: GPO security settings not applied"
- Reply: Henri Visser: "Re: GPO security settings not applied"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
