multiple Password policy

G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hi,
I have one Dc and in that I have two OUs called production and Software.
My plan is I want to implement Password policy ( min 8 lenth characters and
complexity ) for only Software OU.And i don't want to do it on Production OU.

So is there any plan to implement this ..........
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hello Srikrishna,

"There can be only a single password policy for each account database. An
Active Directory domain is considered a single account database, as is the
local account database on stand-alone computers. Computers that are members
of a domain also have a local account database, but most organizations that
have deployed Active Directory domains require their users to log on to their
computers and the network by using domain-based accounts. Consequently, if
you specify a minimum password length of 14 characters for a domain, all
users in the domain must use passwords of 14 or more characters when they
create new passwords. To establish different requirements for a specific set
of users, you must create a new domain for their accounts."

That is an excerpt of Step-by-Step Guide to Enforcing Strong Password
Policies from Microsoft.

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/activedirectory/stepbystep/strngpw.mspx

Regards
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

One password policy per domain.

The reason behind this is if the domain has sensitive enough information in
it to require a strong password policy, setting some users to a weaker
standard amounts to a security hole.

The requirement to have differing password policies is a major determining
factor for creating a second domain.


hth
DDS W 2k MVP MCSE

"Srikrishna" <Srikrishna@discussions.microsoft.com> wrote in message
news:5B9C9272-9587-467A-B17C-44079808D2DE@microsoft.com...
> Hi,
> I have one Dc and in that I have two OUs called production and Software.
> My plan is I want to implement Password policy ( min 8 lenth characters
> and
> complexity ) for only Software OU.And i don't want to do it on Production
> OU.
>
> So is there any plan to implement this ..........
>
>