NEW GPO Policy

  • Thread starter Thread starter striffy
  • Start date Start date
S

striffy

Hi,
Was testing my Lab set-up for AD 2003.
I've created a simple Password Policy (turned off complex password).
Applied / Linked this to the Users OU. Unfortunately it still asks for
a complex password, so I then tried Blocking Inheritence to stop the
Default Domain Policy, but still no luck.
Can someone help me? or is it not possible, does it have to be done in
the Default Domain Policy?
Thanks
 
Hi,
Was testing my Lab set-up for AD 2003.
I've created a simple Password Policy (turned off complex password).
Applied / Linked this to the Users OU.

By default Users is a container object and not an OU which means you
can't link a GPO to it. I'm assuming that you've created an OU and moved
the user accounts there. Not that this really matters for what you're
trying to do here.
Unfortunately it still asks for
a complex password, so I then tried Blocking Inheritence to stop the
Default Domain Policy, but still no luck.
Can someone help me? or is it not possible, does it have to be done in
the Default Domain Policy?

Password policy can only be set at the domain level for it to affect
domain user accounts.

--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea
 
* What I did was create a new Container named TEST nad then created 3
more containers under that, USERS - Computers - Servers, I guess I
called them a OU as when creating them (right Click) Windows calls it
new-Organizational Unit, but I guess it's really a container.

*If the Password Policy can only be set at Domain Level, then would
that make it impossible to set different password policies for
different Containers?
EG, have a conatiner for Managers and one for Other Staff, have
Managers with complex password policy and Other Staff without complex
passwords policy?
Cheers
 
* What I did was create a new Container named TEST nad then created 3
more containers under that, USERS - Computers - Servers, I guess I
called them a OU as when creating them (right Click) Windows calls it
new-Organizational Unit, but I guess it's really a container.

No, in this case you did create an OU. At the top level, the Computers
and Users "folder" are not OUs but are in fact containers. Notice how
the icons that represent Users and Computers at the top level differ
from the one that represents Domain Controllers, which is an OU.
*If the Password Policy can only be set at Domain Level, then would
that make it impossible to set different password policies for
different Containers?

Yes. One password policy for the entire domain.
EG, have a conatiner for Managers and one for Other Staff, have
Managers with complex password policy and Other Staff without complex
passwords policy?
Cheers

--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea
 
Back
Top