G
Guest
I have an Active Directory domain of about 3800 users. I have set a password policy (8 characters, 45 day expiration, and complexity requirements). I need to have a few user accounts exempted, because they are associated with business processes.
1. I have tried creating a sub-OU, moving the users into the OU, and then blocking inheritance.
2. I went to the domain level password policy and set the Apply Group Policy to Deny for those users
3. I removed the Read rights to the domain policy for those users.
4. I tried to create another password policy to the sub-OU which held those users.
Nothing stopped the password requirements for those users. They still had to change the password.
What am I missing? How do I exempt these user accounts?
Thanks
Larry
1. I have tried creating a sub-OU, moving the users into the OU, and then blocking inheritance.
2. I went to the domain level password policy and set the Apply Group Policy to Deny for those users
3. I removed the Read rights to the domain policy for those users.
4. I tried to create another password policy to the sub-OU which held those users.
Nothing stopped the password requirements for those users. They still had to change the password.
What am I missing? How do I exempt these user accounts?
Thanks
Larry