Well that certainly explains it, I'll have to have a rethink. Also does anybody have some good links for user password education, so the bliighters can see the danger of weak passwords themselves.
Thanks for your help Ali ----- Original Message ----- From: "Steve Molkentin" <[EMAIL PROTECTED]> To: "NT 2000 Discussions" <[EMAIL PROTECTED]> Sent: Monday, November 11, 2002 9:51 PM Subject: RE: Active Directory Password Policy Grief. > Ali, > > I'm with everyone else who has posted here - either you create a new domain > for the users you want a different password policy for, or everyone (or no > one) gets your new password policy. > > themolk. > > > -----Original Message----- > > From: AliAdmin [mailto:AliAdmin@;bango.net] > > Sent: Saturday, 9 November 2002 2:16 am > > To: NT 2000 Discussions > > Subject: Active Directory Password Policy Grief. > > > > > > Hi All. > > > > I hope somebody can help me here, as I'm beginning to tear my > > hair out. > > > > I currently have Active directory installed and I'm running with the a > > configured default security policy. I have a number of OU's > > also configured. > > Everything is happy except that now I wish to alter the > > password security > > for one OU - making it stricter. As I understand AD, in order > > to increase > > the security for that one OU all I need do is modify the OU policy, as > > policy is applied hieratically the last applied policy takes > > precedent. In > > this case the OU policy should supersede the Default policy > > and thus apply > > the increased security. > > > > Unfortunately this is not the case. Other aspects of the OU policy are > > applied - eg a specific splash screen- and when I run > > GPResult the OU policy > > is applied to that machine and user. However the password > > security policy is > > not applied, the Default Policy is still in effect. > > > > I have tried Blocking the inheritance, just in case and the > > behaviour was > > not effected. It might be something to do with the Default > > Password Policy > > needing to be the same for both Domain OU and Domain > > Controller OU but I am > > rather reluctant to alter those and potentially affect all users. > > > > Am I missing something about how password policies are applied. > > > > Your help will be much appreciated. > > > > Thanks > > > > Ali > > > > Alister Haran > > Sys Admin > > > > > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
