RE: Windows 2000 password policy
From: Jim Barrett (jimb_at_ins.com)
Date: 06/24/03
- Previous message: Chris Carlson (OTG): "RE: Windows 2000 password policy"
- In reply to: Leo, Joel: "RE: Windows 2000 password policy"
- Next in thread: Chris Carlson (OTG): "RE: Windows 2000 password policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Leo, Joel'" <Joel.Leo@cw.com>, "'hong li'" <hong_li_98@yahoo.com>, <focus-ms@securityfocus.com> Date: Tue, 24 Jun 2003 07:50:07 -0400
I'm not sure it even works that way. I tested this on a system that was
a member of a domain, and even if you manually change the settings in
the local policy, the Effective policy setting (which comes from the
domain policy) does not change. Note that I did not touch the domain
policy. It still has the Windows default settings.
Jim Barrett, MCSE, CISSA, CISSP, CCNP
Principal Consultant
International Network Services
Boston, MA
-----Original Message-----
From: Leo, Joel [mailto:Joel.Leo@cw.com]
Sent: Monday, June 23, 2003 11:37 PM
To: Jim Barrett; hong li; focus-ms@securityfocus.com
Subject: RE: Windows 2000 password policy
You can set a password policy on an ou, but it will only affect _local_
users that log into the machines in that ou.
Joel
-----Original Message-----
From: Jim Barrett [mailto:jimb@ins.com]
Sent: Monday, June 23, 2003 10:59 AM
To: 'hong li'; focus-ms@securityfocus.com
Subject: RE: Windows 2000 password policy
Nope. You can't get there from here as the saying goes. This is
because Windows 2000 had to maintain backward compatibility with NT 4.0,
and in NT 4, the Domain was the security boundary. Same is true with
W2k/W2k3.
You will see the options for setting password policy in the OU GPO, but
changes there will not affect anything.
Jim
Jim Barrett, MCSE, CISSA, CISSP, CCNP
Principal Consultant
International Network Services
Boston, MA
-----Original Message-----
From: hong li [mailto:hong_li_98@yahoo.com]
Sent: Monday, June 23, 2003 1:16 PM
To: focus-ms@securityfocus.com
Subject: Windows 2000 password policy
Hi, everyone
Does anyone know that you can set password policy
change at OU level instead of domain level? or any
other suggestions?
Thanks!
Hong
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
------------------------------------------------------------------------
-----
------------------------------------------------------------------------
------
------------------------------------------------------------------------
-----
------------------------------------------------------------------------
------
-----------------------------------------------------------------------------
------------------------------------------------------------------------------
- Previous message: Chris Carlson (OTG): "RE: Windows 2000 password policy"
- In reply to: Leo, Joel: "RE: Windows 2000 password policy"
- Next in thread: Chris Carlson (OTG): "RE: Windows 2000 password policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
