RE: active directory password policy

From: John Coke (JCoke_at_afsimage.com)
Date: 02/08/05

Next message: Tom Milliner: "Password Protected Screen Saver and Administrative Password"

Previous message: Renouf, Phil: "RE: active directory password policy"
Maybe in reply to: William Stegman: "active directory password policy"
Next in thread: Vedran Matica: "RE: active directory password policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 7 Feb 2005 18:00:33 -0600
To: "Mike" <mike_sha@shaw.ca>, "William Stegman" <stegmanw@comcast.net>, <focus-ms@securityfocus.com>

Domain-wide password, account lockout and kerberos policies can only be
set at the domain level. Password policies linked at the OU level are
applied to the users configured on the local machine and are ignored
when the users logs in with a domain account.

-John

-----Original Message-----
From: Mike [mailto:mike_sha@shaw.ca]
Sent: Monday, February 07, 2005 12:29 PM
To: William Stegman; focus-ms@securityfocus.com
Subject: RE: active directory password policy

Could you put them in a different OU with it's own GP that has looser
policies on password security?

Mike Fetherston

> -----Original Message-----
> From: William Stegman [mailto:stegmanw@comcast.net]
> Sent: Friday, February 04, 2005 5:10 PM
> To: focus-ms@securityfocus.com
> Subject: active directory password policy
>
> Does anyone have any experience with remote users who do not login to
> the domain on a regular basis or at all, and have a password
expiration
> policy in effect? We can't seem to come up with a good plan to handle
> these users. They only occassionally access domain resources such as
> webmail via the Internet or an internal website to do timesheets via
> vpn, and will not have the luxury of logging on to a machine connected
> to our LAN and getting the warning about soon to expire passwords. If
> our policy dictates passwords expire every 90 days, how can we avoid
the
> inevitable calls regarding password resets?
>
> thx
>
> /William Stegman - Network Administrator///
>
> TransCore - Hummelstownd

------------------------------------------------------------------------

---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------

Next message: Tom Milliner: "Password Protected Screen Saver and Administrative Password"

Previous message: Renouf, Phil: "RE: active directory password policy"
Maybe in reply to: William Stegman: "active directory password policy"
Next in thread: Vedran Matica: "RE: active directory password policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]