G
Guest
I made some changes to our default domain policy, password age, min length,
password complexity, lockout duration, invalid attempts, reset acct, and from
the user portion setup a timeout to occur which will lock the desktop. The
user portion of the policy was persistant, but the computer settings kept
being set back to what they were previously. We have a root domain, which
has always had a different policy that the domain whose policy I changed
today, so I know it was being set from the root domain, and we have another
child domain whose password policy is different, and I never had this problem
there when I made changes recently. My understanding of password policies
was there can only be one per domain, so my question is how is this being
overwritten apparently through replication, by some other policy. It wasn't
until I checked the enforced setting that the policy persisted, but I thought
that only applied to downstream policies and that the default domain password
policies trumped any policies below them???
thank you
Bill
password complexity, lockout duration, invalid attempts, reset acct, and from
the user portion setup a timeout to occur which will lock the desktop. The
user portion of the policy was persistant, but the computer settings kept
being set back to what they were previously. We have a root domain, which
has always had a different policy that the domain whose policy I changed
today, so I know it was being set from the root domain, and we have another
child domain whose password policy is different, and I never had this problem
there when I made changes recently. My understanding of password policies
was there can only be one per domain, so my question is how is this being
overwritten apparently through replication, by some other policy. It wasn't
until I checked the enforced setting that the policy persisted, but I thought
that only applied to downstream policies and that the default domain password
policies trumped any policies below them???
thank you
Bill