To apply separate password policies to different OU's you will need to create a Group Policy and only change the password settings, then apply it to that OU. You can make however many you like, and just apply them to the OU of your choosing.
I attended a seminar and remember hearing that if you disable any policy that you don't want implimented it will speed up the process (ie only enabled policies take effect) but I have not tried this, so I cannot give you my own opinion on it. You may want to look further into it though. There are programs out there that make this easier (NetIQ, Quest Fastlane) but all they are doing is presenting group policies in an easier to use format. Quest actually extends the AD Schema and has a great interface for doing exactly what your looking at. All for a fairly substantial fee though. If your managing a lot of Domains or even one very large domain, its probably worth looking in to. Hope this helps. Travis -----Original Message----- From: Pennell, Ronald B. [mailto:rpennell@;ida.org] Sent: Friday, November 01, 2002 2:08 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Password Policy for Users Recently took a windows 2000 security class and was told that we can only have one password policy for the domain. Other who have taken class at the SANS Institue, say that's not true. I have not been able to find where in an OU where you can set a password policy for that OU. Realize that I can set policies at any level, but, only one for passwords. Can someone shed some light on this for me. Running W2K SP2 (Native). Single Domain. Ron Pennell [EMAIL PROTECTED] List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
