Re: 2003 AD security policy question

From: Curious George's Twin (shaggy_at_whoamitoday.net)
Date: 04/27/05

Next message: Matt Helm: "Re: XP sp2 turning off the firewall in group policies"
Previous message: Steven L Umbach: "Re: Weird Group Policy Message"
In reply to: Miha Pihler [MVP]: "Re: 2003 AD security policy question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 27 Apr 2005 05:58:58 -0400

Dear Mike:

Actually, its for a school where little kids cant have strong passwords and
where teachers and administrators need to have them because they are
boneheads.

CC
"Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
news:uy1lwwvSFHA.2336@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> Unfortunately there can only be one account (password) policy in domain.
> If you need stronger passwords for one group of users, you would have to
> move these users to e.g. child domain and assign stronger password
> requirements on this child domain.
>
> If you really think about it, it wouldn't make much sense to have very
> secure password and not so secure passwords in same domain. It would be
> like house that has half of the windows with bulletproof glass installed
> and other half of the windows with ordinary glass. Those bulletproof
> windows wouldn't contribute much to security of the house...
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "Curious George's Twin" <shaggy@whoamitoday.net> wrote in message
> news:i6Gbe.1310$Hf6.711@fe11.lga...
>> Dear Colleagues:
>>
>> With Windows NT networks (and I believe 2000 as well), I was unable to
>> set up a stronger password policy for certain groups.
>>
>> My desired result is to put a stronger password policy on one group, but
>> a weaker one on another. Specifically, password complexity rules.
>>
>> Is this possible with Windows 2003 active directory enabled networks and
>> those that have 2000 servers in the mix?
>>
>> Thanks,
>>
>> CC
>>
>
>

Next message: Matt Helm: "Re: XP sp2 turning off the firewall in group policies"
Previous message: Steven L Umbach: "Re: Weird Group Policy Message"
In reply to: Miha Pihler [MVP]: "Re: 2003 AD security policy question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: 2003 AD networks security question
... other half of the windows with ordinary glass. ... > up a stronger password policy for certain groups. ...
(microsoft.public.security)
Re: 2003 AD security policy question
... other half of the windows with ordinary glass. ... > up a stronger password policy for certain groups. ...
(microsoft.public.windows.server.security)
RE: NT4 Migration path
... the best migration path for this kind of setup? ... ADMT to migrate the original two Windows NT to the two child domain ... Is it possible to move all my users and nt/2000 server and nt/xp ...
(microsoft.public.windows.server.migration)
Re: NT4 to W2K3 Migration
... after we migrate to Windows 2k3 domain. ... If we migrate all the computer accounts and user accounts in NT domain ... to the new child domain and migrate "DOM2" later, ... How to establish trusts with a Windows NT-based domain in Windows Server ...
(microsoft.public.windows.server.migration)
Re: Checlist For Domain & Forest Raise
... WE have removd all windows nt PDC +BDC & Exchannge 5.5 from ad, ... scenario is we have Parent & child domain enviroment. ... now we have planning to RAISE Domain & Forest level to Windows 2003, ...
(microsoft.public.windows.server.active_directory)