Multiple Password policies in one Domain?

  • Thread starter Thread starter Chris
  • Start date Start date
C

Chris

How can you configure different groups of ID's to have
separate password policies in Active Directory (Win2k)? I
have several different clients that use the same domain,
but they require different password policies (length,
expiration, etc.). From what I've read and tried, it
seems on the default domain policy matters when it comes
to password policies. Thanks.
 
You should only have one password policy per domain. The default domain
policy will override.
This posting is provided "AS IS" with no warranties, and confers no rights.
 
That's correct, password policies are controlled at the domain level. One of
the few reasons in AD to have separate domains is the requirement to have
different password policies so you would need to create a new domain to
accommodate this.
 
Chris said:
How can you configure different groups of ID's to have
separate password policies in Active Directory (Win2k)? I
have several different clients that use the same domain,
but they require different password policies (length,
expiration, etc.). From what I've read and tried, it
seems on the default domain policy matters when it comes
to password policies. Thanks.
Click to expand...

The simple answer is "You can't"

The settings in the default domain policy are the only ones that are used ,
so if you want multiple password policies you need to have multiple domains.

--
Alex

"I laugh in the face of danger"

"Then I hide until it goes away"

www.drzoidberg.co.uk
 
Back
Top