Good
advice. :) Thanks
-Christine
Christine N. Allen
Citrix/Windows 2000
Engineer
BMC Healthnet Plan
One Design Center Place
Boston, MA
02210
Work: 617-748-6034
Cell:
617-290-4407
-----Original Message-----
From: Darren Mar-Elia [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 15, 2004 1:02 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Default Domain PolicyWhat I typically tell folks is that, wherever you set account policy, make sure that it is well protected (i.e. ACLd so that only few admins can touch it) and its probably best to do nothing else in that GPO aside from Account Policy. The less stuff going on there and the less people mucking with it, the less chance that security-related policy gets changed inadvertantly by someone "exploring" a GPO.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday, December 15, 2004 9:44 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Default Domain PolicyYes you can but just use the default domain policy. I don't recall seeing the argument in that debate that would make me think this wasn't something people would want to do. I.E. I don't see a benefit in not using it. Either way the policy is being set.:o)joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christine Allen
Sent: Wednesday, December 15, 2004 11:52 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Default Domain PolicyHello,Quick question. If I want to implement a password policy for my domain, do I have to use the default domain policy? Or can I add my own newly created policy at the domain level and modify that with my password requirements? The reason I ask, is because of the don't use the default domain policy debate that went on about a month ago.TIA-Christine
Christine N. Allen
Citrix/Windows 2000 Engineer
BMC Healthnet Plan
One Design Center Place
Boston, MA 02210
Work: 617-748-6034
Cell: 617-290-4407
