Re: Password Policy Issue
- From: "Mike" <spam@xxxxxxxxxx>
- Date: Thu, 5 May 2005 09:29:28 -0700
Thanks for the info.
Two issues. If this can't be done at the OU level, then grey out the button
indicating that you can block other GP's, Or at the very least pop up a
warning.
2nd.... And this is a big one... If Server 03 has a default policy to
enforce complex password policies, Then show that in the GP as "enabled" not
" Not defined" this is by far the most confusing issue by far!
I have no complaints w/ security and the password complexity to enhance
security. But wouldn't it make just a little more sense if it was shown as
"enabled" vs "Not defined"
Way to go MSFT
"Chriss3 [MVP]" <noSpamHere@xxxxxxxxxx> wrote in message
news:%23aFvs02TFHA.1896@xxxxxxxxxxxxxxxxxxxxxxx
> The password policy can only be set at the domain level, and at the GPO
> with the highest priority at the domain level, that is by default, domain
> policy gpo, so you have to change it there, and the change is domain wide,
> and can't be done at OU level.
>
> --
> Regards
> Christoffer Andersson
> Microsoft MVP - Directory Services
>
> No email replies please - reply in the newsgroup
> ------------------------------------------------
> http://www.chrisse.se - Active Directory Tips
>
> "Mike" <spam@xxxxxxxxxx> skrev i meddelandet
> news:%230o9$81TFHA.336@xxxxxxxxxxxxxxxxxxxxxxx
>> Windows 2003 AD domain.
>>
>> My client doesn't want to use complex passwords. I've created a OU w/ a
>> GP
>> to prevent the comlex requirements. I've "Blocked Policy inheritance".
>> I've
>> also disabled/changed the settings in /Computer configuration/Windows
>> settings/Security Settings/account policies/Password Policy/
>>
>> Enforce password history 0 passwords remembered
>> Max password age 365
>> Min password age 30
>> min password length 2
>> password must meet complexity req Disabled
>> Store passwords using rever encr Disabled.
>>
>> Between "blocking policy inheritance" and the settings listed above I'm
>> confused as to why I am unable to create a user w/o getting this error.
>>
>>
>> The password does not meet the password policy requirements. Check the
>> minimum password lenght, password complexity and password history
>> requirements.
>>
>>
>>
>
>
.
- Follow-Ups:
- Re: Password Policy Issue
- From: Joe Richards [MVP]
- Re: Password Policy Issue
- References:
- Password Policy Issue
- From: Mike
- Re: Password Policy Issue
- From: Chriss3 [MVP]
- Password Policy Issue
- Prev by Date: can I get an email notification of account management events?
- Next by Date: Re: Migrate standalone domain to new forest as child domain
- Previous by thread: Re: Password Policy Issue
- Next by thread: Re: Password Policy Issue
- Index(es):
