You can have only one password policy per domain. So you must set your password policy in the default domain policy.
Brian -----Original Message----- From: AliAdmin [mailto:AliAdmin@;bango.net] Sent: Monday, November 11, 2002 5:00 AM To: NT 2000 Discussions Subject: Active Directory Password Policy Grief. Hi All. I hope somebody can help me here, as I'm beginning to tear my hair out. I currently have Active directory installed and I'm running with the a configured default security policy. I have a number of OU's also configured. Everything is happy except that now I wish to alter the password security for one OU - making it stricter. As I understand AD, in order to increase the security for that one OU all I need do is modify the OU policy, as policy is applied hieratically the last applied policy takes precedent. In this case the OU policy should supersede the Default policy and thus apply the increased security. Unfortunately this is not the case. Other aspects of the OU policy are applied - eg a specific splash screen- and when I run GPResult the OU policy is applied to that machine and user. However the password security policy is not applied, the Default Policy is still in effect. I have tried Blocking the inheritance, just in case and the behaviour was not effected. It might be something to do with the Default Password Policy needing to be the same for both Domain OU and Domain Controller OU but I am rather reluctant to alter those and potentially affect all users. Am I missing something about how password policies are applied. Your help will be much appreciated. Thanks Ali Alister Haran Sys Admin ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
