 |
|
|
| Ask The Windows Security Expert: Questions & Answers |
|
|
|
|
|
|
Password security in Group Policy for Windows networks |
 |
EXPERT RESPONSE FROM: Wes Noonan
|
|
|
|
| > |
QUESTION POSED ON: 10 September 2007
I am using Windows Server 2003 Enterprise Edition. I created one domain, xyz.com, and then configured Group Policy for a domain and domain controller that requires a complex password of at least seven characters. After that, I created one OU (organizational unit) in my xyz.com domain called ACC. For the ACC OU, I don't need a complex password, so in Group Policy, I disabled complex password and set the minimum character length to zero and set block policy inheritance. When I created a user in the ACC OU, it still required a complex password. I don't understand what's going wrong.
|
|
| > |
EXPERT RESPONSE
This Group Policy complex password problem is due to the fact that in Group Policy, in Windows networks, password security policies are only assigned at the domain level. You can expand the policy at the OU and go through all of the motions, but Active Directory will not actually apply the changes. In fact, having differing password policies is one of the few reasons for creating additional domains.
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of . |
|
| | |
All Rights Reserved, , TechTarget |
|
|
|
|
|
