I need help with Group Policy. I need to apply two
different password policies in my domain and can't seem
to get it to work properly. I need to know what is the
correct way and where to apply the two different password
polices?

It is not going to work. There can be only one password policy in a
domain. If you need two separate password policies then you need two
separate Domains. There is no getting around this....not really!

Cary

"The Rock" <(E-Mail Removed)> wrote in message
news:94b601c4789e$91432880$(E-Mail Removed)...
> I need help with Group Policy. I need to apply two
> different password policies in my domain and can't seem
> to get it to work properly. I need to know what is the
> correct way and where to apply the two different password
> polices?

From what I have read from Microsoft, Account Policies
which include the Password Policies can be applied to
OUs. If that is the case can't I remove the Password
Policies from the Domain Policy and apply them to all OUs?
----
http://www.microsoft.com/resources/d...tion/Windows/X
P/all/reskit/en-us/Default.asp?
url=/resources/documentation/windows/xp/all/reskit/en-
us/prdp_log_fann.asp

By default, all computers that are not-domain controllers
will also receive the default domain account policy for
their local accounts. However different account policies
might be established for local accounts on computers that
are not domain controllers by setting an account policy
at the organizational unit level. Account policies for
stand-alone computers can be set using Local Security
Policy
----

>-----Original Message-----
>It is not going to work. There can be only one
password policy in a
>domain. If you need two separate password policies then
you need two
>separate Domains. There is no getting around
this....not really!
>
>Cary
>
>"The Rock" <(E-Mail Removed)> wrote
in message
>news:94b601c4789e$91432880$(E-Mail Removed)...
>> I need help with Group Policy. I need to apply two
>> different password policies in my domain and can't seem
>> to get it to work properly. I need to know what is the
>> correct way and where to apply the two different
password
>> polices?
>
>
>.
>

The Rock wrote:

> From what I have read from Microsoft, Account Policies
> which include the Password Policies can be applied to
> OUs. If that is the case can't I remove the Password
> Policies from the Domain Policy and apply them to all OUs?
> ----
> http://www.microsoft.com/resources/d...tion/Windows/X
> P/all/reskit/en-us/Default.asp?
> url=/resources/documentation/windows/xp/all/reskit/en-
> us/prdp_log_fann.asp
>
> By default, all computers that are not-domain controllers
> will also receive the default domain account policy for
> their local accounts. However different account policies
> might be established for local accounts on computers that
> are not domain controllers by setting an account policy
> at the organizational unit level. Account policies for
> stand-alone computers can be set using Local Security
> Policy
> ----
Hi

Note the wording "local accounts" in the text above. This means
local users on each computer (e.g. the "Administrator" user) and
not AD domain user accounts.


--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scr...r/default.mspx