re: Default Domain Policy - Password Policies Not Applying Correctly

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: "Rick Kingslan [MSFT]" <rickk.microsoft.com@xxxxxxxxx>
Date: Thu, 25 Aug 2005 20:46:40 -0700

What machine are you applying the settings to? Then, what DC are you reading the settings from?

I suspect that this is a replication problem, as I've run into this before. Let me know what you have for the two questions above, and we'll dive in from there.

Rick

-----Original Message-----
From: Duckfather@xxxxxxxxxxxxxxxxxxxxxxxxx
Posted At: Thursday, August 25, 2005 4:15 AM
Posted To: microsoft.public.win2000.group_policy
Conversation: Default Domain Policy - Password Policies Not Applying Correctly
Subject: Default Domain Policy - Password Policies Not Applying Correctly

Hi all

I have a Windows 2000 domain which has had a default password policy of the
following set in the past :-

Password must be 5 chars long
Change every 42 days
lockout after 6 invalid attempts

Whenever I try to change these settings in the Default Domain Policy, they
initially take, but the password length re-sets itself to 0 chars, lockout
re-sets to 6, and when I enable password complexity, it disables itself!

I have an ASP script that reads these settings, and I've seen the lockout
threshold change from 5 to 6 and back to 5 many times over a few hours (5 is
what I was trying to set it to) after I've made the changes (ie I've done the
changes once and not done anything since).

Anyone got any ideas?

Thanks in advance.

Andy
.

Prev by Date: re: Deployment Order
Next by Date: How to disable IE Connection in Win98...?
Previous by thread: Default Domain Policy - Password Policies Not Applying Correctly A
Next by thread: Deployment Order
Index(es):
- Date
- Thread

Relevant Pages

Re: Aftermath of RDIRCMP.EXE?
... Why not just make the Default Domain Policy back to default, which wiill eliminate any possibility that anything you change in there will affect the domain adversely. ... Then create the OU, and as Jorge suggested, link the GPO you previously created, or if you haven't created one, create one with the necessary settings. ... Also, just an FYI, there was another thread recently posted with a similar question, including an OU/GPO design question. ...
(microsoft.public.windows.server.active_directory)
Internet Explorer Proxy Settings
... Bis vor kurzem waren unsere Proxysettings ueber die Default Domain Policy ... wird mir bei dem lokalen User als ausschlaggebendes Objekt die Default ... Die Settings wurden aber richtig uebernommen... ...
(microsoft.public.de.german.win2000.gruppen_richtlinien)
Re: Default domain policy
... None of the default policies specify any permission settings. ... In the Default Domain Policy the only things defined by default are the ... manually or by importing a security template. ...
(microsoft.public.win2000.group_policy)
IE maintentance, Proxy Settings, No override
... my question--I made a new topic cuz I wasn't sure if old ... settings doesn't come back in the new GPO)? ... import them into the new default domain policy after ...
(microsoft.public.windows.group_policy)
Re: Active Directory design
... We have 5 main depts (Management, Middle Office, Marketing, Finance, Operations) plus a number of general admin staff that dont really belong to any dept. ... The only group policy settings I am planning to define are those to do with password security and workstation screensavers. ... If I do create the user accounts in the default 'Users' container, will the defualt domain policy work on users in this container? ...
(microsoft.public.win2000.active_directory)