Password security policy

[Henry]

Hello,


Currently, we have a password policy defined at the domain level. We are
trying to impose tighter password policy for a group of users, what would be
the best and easiest way to do so? thank you in advance. (w2k sp4)

 

[Danny Sanders]

We are

trying to impose tighter password policy for a group of users, what would
be the best and easiest way to do so? thank you in advance. (w2k sp4)

Create a new domain. Differing account policies is one determining factor as
to whether to create another domain or not.
You can have only one account policy per domain. Creating a password policy
on an OU will have no affect when logging onto the domain. Account policies
applied at the OU level only take affect when logging in locally on a
computer in the OU the account policy is applied to.

If the domain has sensitive enough information for a tighter password policy
not applying that password policy to the entire domain amounts to the admin
creating a security hole.


hth
DDS W 2k MVP MCSE

 

[Henry]

Thanks. DOH, it's not what I expected!

We are

Create a new domain. Differing account policies is one determining factor
as to whether to create another domain or not.
You can have only one account policy per domain. Creating a password
policy on an OU will have no affect when logging onto the domain. Account
policies applied at the OU level only take affect when logging in locally
on a computer in the OU the account policy is applied to.

If the domain has sensitive enough information for a tighter password
policy not applying that password policy to the entire domain amounts to
the admin creating a security hole.


hth
DDS W 2k MVP MCSE