RE: Group Policy: multiple password policies in the same domain?

From: Derick Anderson (danderson_at_vikus.com)
Date: 08/31/05

    Date: Wed, 31 Aug 2005 10:25:01 -0400
    To: "Depp, Dennis M." <deppdm@ornl.gov>, <focus-ms@securityfocus.com>
    
    

    As I feared.

    Thanks,

    Derick

    > -----Original Message-----
    > From: Depp, Dennis M. [mailto:deppdm@ornl.gov]
    > Sent: Wednesday, August 31, 2005 10:18 AM
    > To: Derick Anderson; focus-ms@securityfocus.com
    > Subject: RE: Group Policy: multiple password policies in the
    > same domain?
    >
    > There can be only one password policy for the domain.
    >
    > Dennis
    >
    > -----Original Message-----
    > From: Derick Anderson [mailto:danderson@vikus.com]
    > Sent: Wednesday, August 31, 2005 7:32 AM
    > To: focus-ms@securityfocus.com
    > Subject: Group Policy: multiple password policies in the same domain?
    >
    > I'm trying to lock down some domain "service" accounts
    > (backup, Exchange, SQL Server, Scheduled Tasks, etc.) where I
    > work. We're an application service provider (web-based) and
    > we have only one domain at the moment (sigh), shared by our
    > production servers (big sigh) on the same physical network
    > (very big sigh). Our web application must run as a domain
    > account (throws up hands in exasperation).
    >
    > Splitting the domain into production and non-production is in
    > the works but will realistically be at least a couple months
    > away. In the meantime I'm trying to enforce stronger
    > passwords for service accounts like those I mentioned above
    > but I'm having problems using Group Policy to specify that
    > service accounts have a certain password policy while regular
    > users have another. I believe the problem is that password
    > policies are computer based instead of user based, so I can't
    > specify that specific users have one set of password policies
    > while others have a different one.
    >
    > Would applying the policy to a specific set of computers
    > affect only the local accounts on those computers, or the
    > entire domain? My theory is that only the password policy on
    > the domain controllers would affect domain passwords, but I'd
    > love to hear differently.
    >
    > Any help would be appreciated.
    >
    > Thanks,
    >
    > Derick Anderson
    >
