G
Guest
When applying a new Password Policy, do the counters for minimum and maximum age of existing passwords get reset?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
R
Robert Cohen
nope
--
Robert Cohen
A legend in his own mind
--
--
Robert Cohen
A legend in his own mind
--
maximum age of existing passwords get reset?CSS said:When applying a new Password Policy, do the counters for minimum and
R
Robert Cohen
I haven't seen documentation either way.
But it is easy enough to test out.
But the information on password age is stored seperately so I can't see how
it would be affected.
--
Robert Cohen
A legend in his own mind
--
But it is easy enough to test out.
But the information on password age is stored seperately so I can't see how
it would be affected.
--
Robert Cohen
A legend in his own mind
--
documented (yes, I did look) somewhere?CSS said:Thanks for the reply. Do you know that from experience or can I find it
G
Gary Mudgett [MSFT]
Group policies cannot modify user account settings. The password policies
are just changing reference time period for the evaluation to take place.
For example:
A domain has a password policy that does not require anybody to change
password for over a year. Then a password policy is put into affect to
change passwords every 30 days. After that almost everybody in the domain
will be required to changes their password. The only exceptions would be
those that either have new accounts or have voluntarily changed their
password within the last 30 days. This is because the evaluation as to
whether a change is needed is based on the last time the password was
changed at logon.
I did find the following article that describes how it is implemented and
still applies to Windows 2000. I know there is another one that addresses
this as well and gives a better description, but I cannot find it right now.
236373 How Maximum Password Age Is Implemented
http://support.microsoft.com/?id=236373
--
Gary Mudgett, MCSE, MCSA
Windows 2000/2003 Directory Services
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
are just changing reference time period for the evaluation to take place.
For example:
A domain has a password policy that does not require anybody to change
password for over a year. Then a password policy is put into affect to
change passwords every 30 days. After that almost everybody in the domain
will be required to changes their password. The only exceptions would be
those that either have new accounts or have voluntarily changed their
password within the last 30 days. This is because the evaluation as to
whether a change is needed is based on the last time the password was
changed at logon.
I did find the following article that describes how it is implemented and
still applies to Windows 2000. I know there is another one that addresses
this as well and gives a better description, but I cannot find it right now.
236373 How Maximum Password Age Is Implemented
http://support.microsoft.com/?id=236373
--
Gary Mudgett, MCSE, MCSA
Windows 2000/2003 Directory Services
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.