Re: Cannot Set Kerberos Policy for Domain Controller
- From: "Will" <westes-usc@xxxxxxxxxxxxxx>
- Date: Sun, 13 Jul 2008 11:56:20 -0700
"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb66a38678cab316c8244a90@xxxxxxxxxxxxxxxxxxxxxxx
Password policies and also Kerberos can only be set at the domain level.
That's the reason it doesn't appear to work
What does that mean? For both domain controllers and member servers, RSOP
*does* see password policies. For both domain controllers and member
servers, RSOP is NOT seeing the Kerberos policy. It simply disappears.
--
Will
In our Group Policy I applied a GPO to the Domain Controllers that
includes Account Policies for Password, Account Lockout, and Kerberos.
After I update the policy on the domain controller and look at the
Resultant Set of Policies (RSOP.MSC) under Account Policies the
Kerberos Policy is simply missing altogether. It is not present and
marked "Not Defined". It simply is not there at all.
I then went to a member server, updated its group policy, and sure
enough I have the same mysterious missing Kerberos Policy.
Do I have a bug or some corruption in our Group Policy? How do I
recover back the missing Kerberos Policy?
.
- References:
- Cannot Set Kerberos Policy for Domain Controller
- From: Will
- Re: Cannot Set Kerberos Policy for Domain Controller
- From: Meinolf Weber
- Cannot Set Kerberos Policy for Domain Controller
- Prev by Date: Apply GPO to a single user
- Next by Date: Re: Apply GPO to a single user
- Previous by thread: Re: Cannot Set Kerberos Policy for Domain Controller
- Next by thread: Apply GPO to a single user
- Index(es):
Relevant Pages
|
