Forcing a security Policy

  • Thread starter Thread starter Ron Bromwell
  • Start date Start date
R

Ron Bromwell

I need to push a security policy from my domain controller
to a windows 2000 server machine in my domain. Can any
tell me the steps to do this?
 
for some reason this is not working. I have the domian
policy for passwords to be changed every 60 days, but this
computer is not picking that policy up, it is using change
every 90 days.
 
You can try secedit /refreshpolicy machine_policy /enforce on the domain server
to speed the process up, but sometimes a reboot is required. If a machine seems not
to receive a policy, make sure it is in the scope of influence of the policy. Domain
member password/account policy can only be configured at the domain level. Netdiag is
useful to make sure a domain computer is communicating with a domain controller and
gpresult can help show where policy is being applied from. --- Steve

http://support.microsoft.com/default.aspx?kbid=227302
 
What I ended up doing was taking the machine out of the
domain, rebooting, adding the machine back into the
domain, and rebooting. The policy then got pushed down.
-----Original Message-----
You can try secedit /refreshpolicy
machine_policy /enforce on the domain server
to speed the process up, but sometimes a reboot is
required. If a machine seems not
to receive a policy, make sure it is in the scope of
influence of the policy. Domain
 
Back
Top