The SANS folks are wrong. Password policies can only be applied at the domain level. That's one reason you might create multiple child domains in your forest.
-----Original Message----- From: Pennell, Ronald B. [mailto:rpennell@;ida.org] Sent: Friday, November 01, 2002 12:08 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Password Policy for Users Recently took a windows 2000 security class and was told that we can only have one password policy for the domain. Other who have taken class at the SANS Institue, say that's not true. I have not been able to find where in an OU where you can set a password policy for that OU. Realize that I can set policies at any level, but, only one for passwords. Can someone shed some light on this for me. Running W2K SP2 (Native). Single Domain. Ron Pennell [EMAIL PROTECTED] List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
