Re: Default Domain password policy issue
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 25 Jul 2006 12:25:54 -0500
Run rsop.msc on each domain controller and check the results for password
policy and the source GPO to see if they are what you expect. Keep in mind
that if you have more than one GPO linked to the domain container the GPO at
the top of the list takes precedence and can override what is shown in
Domain Security Policy if password policy is configured in a GPO above the
default domain GPO in the list.
Steve
"rb97685" <rb97685@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:00FED3EB-1B1A-4670-BE3D-AD7D9FD85ABA@xxxxxxxxxxxxxxxx
We're having a problem where we have enabled password complexity
requirements
at the Default Domain policy level in our organization. Upon testing, it
looks as if this policy is not being applied to many of our desktops.
Here's
are scenario:
* 2 Domain Controllers (Windows Server 2003)
* Primarily XP desktops
* I logged into one of our domain controllers, ran gpupdate, then opened
up
gpedit.msc. The old, simple password policy appears cached on this
machine.
Settings are grayed out, cannot be changed from the console directly.
* From my client machine, I opened up the GPMC snap-in, connected to both
DCs and reviewed policy settings. Both show as the new settings as having
been applied.
* While connected via GPMC to the DC in question, I changed settings,
applied. The re-applied password complexity.
* Logged back onto DC console, checked gpedit. Old policy is still cached.
Anybody know what is going on here, and how do I get rid of this
apparently
cached policy on this one DC? Thanks
.
- Prev by Date: Unable to create user
- Next by Date: Re: Default Domain password policy issue
- Previous by thread: Re: Default Domain password policy issue
- Next by thread: Re: Default Domain password policy issue
- Index(es):
Relevant Pages
|
Loading
