multiple Password policy

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,
I have one Dc and in that I have two OUs called production and Software.
My plan is I want to implement Password policy ( min 8 lenth characters and
complexity ) for only Software OU.And i don't want to do it on Production OU.

So is there any plan to implement this ..........
 
Hello Srikrishna,

"There can be only a single password policy for each account database. An
Active Directory domain is considered a single account database, as is the
local account database on stand-alone computers. Computers that are members
of a domain also have a local account database, but most organizations that
have deployed Active Directory domains require their users to log on to their
computers and the network by using domain-based accounts. Consequently, if
you specify a minimum password length of 14 characters for a domain, all
users in the domain must use passwords of 14 or more characters when they
create new passwords. To establish different requirements for a specific set
of users, you must create a new domain for their accounts."

That is an excerpt of Step-by-Step Guide to Enforcing Strong Password
Policies from Microsoft.

http://www.microsoft.com/technet/pr...ogies/activedirectory/stepbystep/strngpw.mspx

Regards
 
One password policy per domain.

The reason behind this is if the domain has sensitive enough information in
it to require a strong password policy, setting some users to a weaker
standard amounts to a security hole.

The requirement to have differing password policies is a major determining
factor for creating a second domain.


hth
DDS W 2k MVP MCSE
 
Back
Top