Re: Domain account policy
- From: "Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx>
- Date: Fri, 20 Jul 2007 03:53:38 +0100
Hi
Assuming the change for password expiration to 90 days:
Anyone who last changed their password 90 or more days ago will be expired
when you implement the policy. If you have not expired passwords in the
past, this could expire most users.
The password expiration is calculated by comparing the policy to the
pwdLastSet attribute and checking the current time and date at the point of
authentication.
- password last changed date + maximum password age.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
"Nerd" <Nerd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5D496763-E78C-4CB6-8722-9DEB001A8A50@xxxxxxxxxxxxxxxx
We are preparing to implement a domain account/lockout policy in our
Windows2003 sigle domin. How does the policy take effect, such as password
length, complexity, age etc. Will the policy take effect right away and
ask
all users to make the changes next time they login or do I have to force
password change for several users each time so the policy starts enforcing
at
different times
.
- Prev by Date: Re: DNS Zone Transfers
- Next by Date: [Help] How to change the IPaddress for production ADC
- Previous by thread: Re: DNS Zone Transfers
- Next by thread: Re: Domain account policy
- Index(es):
Relevant Pages
|
|
