Questions about domain password policies
- From: "p3zk1d" <infernon@xxxxxxxxx>
- Date: 9 Apr 2007 15:14:39 -0700
Hello Everyone,
I have a couple of questions about domain password policies.
Understanding that account policies must be applied at the domain
level, I have the following questions:
1. If management requests that the implementation of a password policy
be staggered so as to avoid an overwhelming amount of support calls,
can the new password policy be applied only to specific groups?
2. If password aging has been set in the new policy, does the clock
start counting the day that the policy is implemented or does it take
into consideration the amount of time that a password has already been
used? For example, if userA set his password in January of 2001 and
the administrator at his company implements a new policy today with a
90 day maximum age for passwords, is he prompted to change his
password the next time that he logs on or must he actually change the
password first before the counter begins?
3. Do account settings ("password never expires", "user cannot change
password") override account policies?
That's all. Any help would be greatly appreciated!
.
- Follow-Ups:
- Re: Questions about domain password policies
- From: Florian Frommherz
- Re: Questions about domain password policies
- Prev by Date: Re: help on GPO and group
- Next by Date: IE6 and IE7
- Previous by thread: Export gpo setting to adm file ?
- Next by thread: Re: Questions about domain password policies
- Index(es):
Relevant Pages
|
