There are a number of third party tools for creating the FGPP on 2008, without using adsiedit. Take a look at joeware.net for one of them.
From: [email protected] [mailto:[email protected]] On Behalf Of Charles F Sullivan Sent: Tuesday, December 30, 2014 10:27 AM To: [email protected] Subject: RE: [NTSysADM] FGPP question It was available starting with 2008 AD, but it’s changed greatly in 2012 in that it has a GUI. I would look up the directions for doing it in Windows 2008 R2 AD. For that version I believe you need to use ADSI Edit and it’s not as straightforward. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Christopher Bodnar Sent: Tuesday, December 30, 2014 10:21 AM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] FGPP question We finally have a use case where we need to setup a separate password policy for a group of users. Haven’t done this before, but have read about it. Domain is 2008 R2 DFL/FFL. I used ADAC on a 2012 R2 box to create the PPO and assign it to a group. I tested and it seems to be working exactly as designed. The PPO is assigned to a group currently , not directly to any user accounts. When I right click on a user in the group, and choose “View Resultant password settings” I get the following error: [cid:[email protected]] But if I look at the properties of the group, it correctly shows me PPO that is directly associated to it: [cid:[email protected]] Is this feature only available in 2012 DFL/FFL? Thanks, Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> ________________________________ ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you.
