Re: Need help w/ group policy

• Previous message: George: "the dreaded "The local policy of this system does not permit you to logon"
• In reply to: Roger Abell [MVP]: "Re: Need help w/ group policy"
• Messages sorted by: [ date ] [ thread ]

Date: 23 May 2004 07:46:31 -0700

I added the computer to the domain and it has the security policy that
I set in the GPO editor. The user that logs in is asked to enter a
new password but it just lets her type no password. (Is it because I
have no password set now?) Right now it is set up in both the domain
security policy and in the gpo which is enforced both to the computer
and to the users (not the admins) in teh account settings that they
have to enter a password of at least 7 characters with the complexity.
 Is there any way I can fix this so that they have no password now and
when they login with no password they have to enter a password of at
least 7 characters with the complexity enabled.

"Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message news:<#rwJi54OEHA.556@tk2msftngp13.phx.gbl>...
> Are the accounts logging in with domain rather than machine
> local credentials ?
> If with domain accounts, then set password policies in a GPO
> linked to the domain, if machine local accounts then set the
> policies in a GPO linked to an OU that contains the computers
> that they will log in at.
> After changing policies in AD make sure the client machines
> have refreshed (such as with reboot, as there can be a rather
> length time delay until this is done with periodic checking).
> Use RSoP or policy results capability of GPMC to determine
> what is the GPO source of then effective policies.
>
> --
> Roger Abell
> Microsoft MVP (Windows Server System: Security)
> MCDBA, MCSE W2k3+W2k+Nt4
> "Daniel" <webmaster@nhscomputerclub.com> wrote in message
> news:4cadd7d3.0405160830.d93d8b8@posting.google.com...
> >I have one server running windows server 2003 and I can't get the
> > policy to work right. I added 25 users then made all their passwords
> > be nothing and then I told them to change there passwords at the next
> > login. I want to now be abl to make them change the password to
> > something more then 7 digits and with the complexity enabled. But
> > when I change it both in the default domain security policy and in the
> > default domain controller policy they can still login and then change
> > there password to anything including no password. How do I do this?

• Previous message: George: "the dreaded "The local policy of this system does not permit you to logon"
• In reply to: Roger Abell [MVP]: "Re: Need help w/ group policy"
• Messages sorted by: [ date ] [ thread ]