Re: ADAm password policies

From: Greg Martin (gmartin_at_gmartin.org)
Date: 10/20/04 

Date: Wed, 20 Oct 2004 13:49:19 -0400

Thanks to you & Lee. Just looking forward I can see that our corporate
password policies (which apply to admin user accounts, etc) will likely be
different than those for our application users (who will be customers).
This difference means I might have to write that policy into the
application. Something I'd like to get away from.

My sense so far in working with ADAM is that MS has not divorced it well
enough from the OS yet.

\\Greg

"Dmitri Gavrilov [MSFT]" <dmitrig@online.microsoft.com> wrote in message
news:OpKEnentEHA.1308@tk2msftngp13.phx.gbl...
> And, of course, disabling pwd policy enforcement altogether for ADAM users
> is also an option.
>
> --
> Dmitri Gavrilov
> SDE, Active Directory Core
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
> "Lee Flight" <lef@le.ac.uk-nospam> wrote in message
> news:ORmAZ0itEHA.3860@TK2MSFTNGP09.phx.gbl...
> > Hi
> >
> > as the docs state the options for password policy are local
> > machine or domain depending as the ADAM instance is
> > on a standalone machine or on a domain member. In either
> > case adherence to password policy enforcement in ADAM
> > is boolean.
> >
> > If the external applications are in an extranet then setting local
> > password policies if the machines are not in the internal domain
> > is an option (unless you need an extranet AD as well as
> > ADAM and then you could choose an extranet domain password
> > policy and make the instance servers members).
> >
> > Lee Flight
> >
> > "Greg Martin" <gmartin@gmartin.org> wrote in message
> > news:O64cEAitEHA.1400@TK2MSFTNGP11.phx.gbl...
> > > Currently investigating ADAM for its use with our external
applications.
> > > The MSDN docs state that ADAM mimics the domain or local security
> policies
> > > for password mgmt. As there could be a disconect between our
corporate
> > > policies and those we require of external users, is there anyway to
set
> > > unique password policies for ADAM instances?
> > >
> > > \\Greg
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: ADAM Password Policies
    ... On means use the password policy on the machine on which adam is hosted. ... > instance there is no way to configure instance-specific password policies. ... >>> I would like a particular ADAM instance to use its own password ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM custom password policy
    ... ADAM specific password policies have been asked for a number ... If you have logon auditing enabled in your server audit policy ... It would be nice to apply extended password policies ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM and Password Policies
    ... Modifications to password policies only apply to future password changes. ... otherwise expire under your policy. ... ADAM actually inherits the password policy applied to the machine that ADAM ... as it is pretty difficult to provide a clean mechanism to allow ADAM users ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAm password policies
    ... There was never a plan to divorce ADAM from OS, 95% of ADAM is pure AD, and ... If you need to institute a different pwd policy for ADAM users, ... > password policies ...
    (microsoft.public.windows.server.active_directory)
  • RE: Group Policy: multiple password policies in the same domain?
    ... I'd suspected that you might be able to use a different GPO at the same level but having never tested it I didn't want to committ it to writing! ... Subject: Group Policy: multiple password policies in the same ... You can only affect domain> accounts at the domain level, but you do NOT have to use the> "Default Domain Policy" GPO. ...
    (Focus-Microsoft)