Domain Password Policy

From: JBailey (abc_at_123.com)
Date: 01/08/04


Date: Thu, 8 Jan 2004 11:18:14 -0600

Hello,

The only password policy we currently enforce in our 1 domain is a minimum
length of 6 characters. We want to implement a password policy requiring the
following:

Enforce password history - 3 passwords
Maximum password age - 90 days
Minimum password age - 15 days
Minimum password length - 8 characters
Password complexity - Enabled

We currently have numerous damain service accounts that do NOT meet the
above settings. I have edited all of these user accounts and selected
'Password Never Expires', but I am worried about enabling password
complexity. Will this setting only affect the service accounts when we go to
change their passwords, or will it prompt for a password change the next
time a service attemtps to use one of the accounts.

Hopefully this is clear enough. If more detail is needed please let me know.

Thanks,
JBailey



Relevant Pages

  • Re: password policy is whacko
    ... password length to 7 characters. ... As long as it is a NEW password or you don't enforce ... Have you ensured that your password policy is liked at ... Have you checked replcication on the Domain (i.e., ...
    (microsoft.public.win2000.active_directory)
  • Password policy
    ... I'm trying to change the password policy, but I have to have a specific ... I need to enforce ... Uppercase letters ... special characters ...
    (microsoft.public.win2000.security)
  • Re: Impact of changing password policy
    ... You are making the passwords permanent. ... to manually expire their passwords to enforce the rule. ... > The current password policy on our Win2K setup requires ... > the minimum length to 7 characters. ...
    (microsoft.public.win2000.active_directory)
  • Re: Password policy at the OU level
    ... Checkpoint issues with PPTP go back to the origin, ... >I would suggest that either you get their outbound VPN ... >password policy is enforced at the domain controllers. ... How do I handle service accounts? ...
    (microsoft.public.windows.group_policy)
  • Re: Re: Changing the domain password policy
    ... You deal with the Service Account passwords by making them comply with your password policy. ... you can create as many different password policies as you like - the Domain Password Policy will be the one actually applied to all users. ... I suppose that if you wanted to be extra safe, you could make a policy just for the service accounts, and have a different set of password requirements for these accounts, and have the default domain policy have the stronger password complexity settings. ...
    (Security-Basics)