Each domain within a forest can have its own domain-wide security policy. You MUST completely trust (not an NT trust, a professional ethics trust) every domain admin in every domain, though. ----- Original Message ----- From: "Ole Thomsen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, March 24, 2003 1:30 PM Subject: RE: [ActiveDir] Different password policy
Thousands of students and teachers will not accept a password policy forcing them to change every 60 days, and i have no valid argument to make them :-) Then there is a part of the staff working with administrative applications, for whom i have to implement a strong policy in the AD as these apps are migrated from Unix to Windows. You mention a new domain, does this mean that a child or sub-domain cannot have its own security policy? Ole > -----Original Message----- > From: Rob Ellis [mailto:[EMAIL PROTECTED] > Sent: Monday, March 24, 2003 3:56 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Different password policy > > > How much stronger would the policy be compared to the current one? > > Also, when you say a large group of users, what proportion of > your total > user base are we talking? > > If its like 75%, then its probably worth applying the policy to > everyone, and save the hassle. > > If not, then I suppose the way to go is a new domain with a > trust to the > existing one. > > > Regards, > Rob Ellis > Network Manager > Profectus IT > Tel 023 9224 7979 > Mob 07974 111867 > > > > -----Original Message----- > From: Ole Thomsen [mailto:[EMAIL PROTECTED] > Sent: 24 March 2003 14:43 > To: [EMAIL PROTECTED] > Subject: [ActiveDir] Different password policy > > > I need to implement a stronger password policy for > a large group of users in my AD, and run into the > infamous domainwide security policy problem. > > What is the best way to do this, and still being > able to let these users have access to the file/print, > Ex2K mailboxes and other resources they use today? > > Regards, > Ole Thomsen > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
