Re: Set password restrictions
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Sat, 27 Jan 2007 04:52:10 -0600
"APT SA" <APTSA@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:809ABBFC-E039-404E-941C-936FDAECED88@xxxxxxxxxxxxxxxx
I want to use group policy to set password restrictions (max pass age) but
I
do not want this to effect my service accounts and admin accounts. I have
created a separate OU for these accounts. But from what I understand you
have to set these restritions on the domain controller policy.
That is incorrect. It must be set on a DOMAIN (not DC) GPO, i.e.,
a GPO linked to the domain container if you wish it to affect your domain
accounts.
So won't this
make my service account passwords expire b/c they must authenticate from
DC
as well? If so how do I get around this. I must be missing something
basic.
Not if you have set them to "password never expires".
In general, service accounts should have EXTREMELY long and complex
passwords and "never expire." (My rule is that if even I myself can
remember
the password for more than a few minutes it is much too easy.)
.
- Prev by Date: Re: How do I stop users from moving file directories using explorer
- Next by Date: Re: user permisions and security
- Previous by thread: Re: Set password restrictions
- Next by thread: Re: Set password restrictions
- Index(es):
Relevant Pages
|
