Re: Minimum Password Age GPO
- From: "Florian Frommherz [MVP]" <florian@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 14 Mar 2008 12:08:32 +0100
Howdie!
UselessUser schrieb:
The default setting does not follow this recommendation? what recommendation?? I notice it is set to 1 by default, but what does this mean?
That means that people can change their password once a day. If they change it today, they'll have to wait 24 hours before they can re-change it once more.
Does this mean that if I using ADUC reset someones password, then change their account to require them to change their password at next login, that if they then login in under 24 hours time they will be prompted to change their password but will not be able to change their password??
No - they're forced to change the password directly, no matter when they log in. The "require to change password" box is a different flag that goes with the account.
What do people set this value to, and what are the real nitty gritty implications of this... for example is it just the users who are restricted to a 24 hour limit or me as the administrator as well etc?
You can reset the password whenever you need to. The minimum password age settings does not apply to you as the administrator (when resetting the other people's passwords). The setting is there, so that people don't change their passwords 15 or 20 times in a row to be able to use an older password they had before (circumventing the "remember x passwords" setting).
cheers,
Florian
--
Microsoft MVP - Windows Server - Group Policy.
eMail: prename [at] frickelsoft [dot] net.
blog: http://www.frickelsoft.net/blog.
Use a newsreader! http://www.frickelsoft.net/news.html
.
- Prev by Date: Re: Export Default Domain Policy Setting
- Next by Date: Re: Power Off/On Workstations?
- Previous by thread: Re: Power Off/On Workstations?
- Next by thread: Re: Minimum Password Age GPO
- Index(es):
Relevant Pages
|
