Re: Password Policy by OU

---

• From: "Danny Sanders" <Danny.Sanders@xxxxxxxxxxxxxxxxx>
• Date: Wed, 8 Mar 2006 15:40:07 -0700

---

One password policy per domain.

Password policies set at the OU level will only take affect when logging on
locally.

The thinking is if your domain holds info sensitive enough for "strong"
passwords, setting one set up users to use "weak" password amounts to
Windows allowing you to create a security hole.

hth
DDS W 2k MVP MCSE

"Doug Fox" <dfox138-no-spam@xxxxxxxxxxx> wrote in message
news:uhnoLVsQGHA.1416@xxxxxxxxxxxxxxxxxxxxxxx

Is it possible that we deploy password policy by OU? Let say, the HR
users' passwords are 8 characters in length, They must be changed every
30 days. The Manufacturing users' passwords are 6 characters in length and
must be changed every 42 days. I then setup 2 OUs. One for HR and one for
MFG and apply a GPO for each OU.

Any comments/suggestions are appreciated.

Thanks,

DF

.

---

• References:
  • Password Policy by OU
    • From: Doug Fox

• Prev by Date: Re: FOR A SKILLED IT EXPERT - WIN2K SERVER - DOMAIN CONTROLLER
• Next by Date: Re: Password Policy by OU
• Previous by thread: Password Policy by OU
• Next by thread: Re: Password Policy by OU
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Password Policy Change ... change my password policy to require 10 characters instead of 8, ... with 8 passwords have any issues logging in? ... applied next time their password expires or next time they change it. ... (microsoft.public.windows.server.active_directory) Re: domain controller ... It would have to be at the Domain level as the Password Policy is a domain ... Password Policies set at the OU level (I normally do not mention ... not affect domain user account objects! ... (microsoft.public.win2000.active_directory)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)