Re: 2003 AD security policy question
From: Miha Pihler [MVP] (mihap-news_at_atlantis.si)
Date: 04/27/05
- Next message: Steven L Umbach: "Re: Kerberos Ticket User"
- Previous message: Will: "Weird Group Policy Message"
- Next in thread: Curious George's Twin: "Re: 2003 AD security policy question"
- Reply: Curious George's Twin: "Re: 2003 AD security policy question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 27 Apr 2005 09:39:29 +0200
Hi,
Unfortunately there can only be one account (password) policy in domain. If
you need stronger passwords for one group of users, you would have to move
these users to e.g. child domain and assign stronger password requirements
on this child domain.
If you really think about it, it wouldn't make much sense to have very
secure password and not so secure passwords in same domain. It would be like
house that has half of the windows with bulletproof glass installed and
other half of the windows with ordinary glass. Those bulletproof windows
wouldn't contribute much to security of the house...
-- Mike Microsoft MVP - Windows Security "Curious George's Twin" <shaggy@whoamitoday.net> wrote in message news:i6Gbe.1310$Hf6.711@fe11.lga... > Dear Colleagues: > > With Windows NT networks (and I believe 2000 as well), I was unable to set > up a stronger password policy for certain groups. > > My desired result is to put a stronger password policy on one group, but a > weaker one on another. Specifically, password complexity rules. > > Is this possible with Windows 2003 active directory enabled networks and > those that have 2000 servers in the mix? > > Thanks, > > CC >
- Next message: Steven L Umbach: "Re: Kerberos Ticket User"
- Previous message: Will: "Weird Group Policy Message"
- Next in thread: Curious George's Twin: "Re: 2003 AD security policy question"
- Reply: Curious George's Twin: "Re: 2003 AD security policy question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
