Changes to Domain Policy not enforced

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have changed the password policies in our default domain controllers
policy but the changes are not being enforced. We are also using group
policies on the organizational units but the password polices are all
disabled on these. I've tried gpupdate, logging off/on, rebooting, etc. Any
ideas?

p.s. Block Policy inheritance is not enabled in Domain Controllers
Properties.
 
Password policies need to be applied at the domain level. Setting a
password policy at an OU level will only affect the passwords for the local
accounts. Because domain controllers do not have local accounts as servers
and workstations do, account policies that are defined in the default domain
controller's organizational unit have no effect.

See the following KB articles:
How to configure account policies in Active Directory -
http://support.microsoft.com/kb/255550/en-us
Domain Security Policy in Windows 2000 -
http://support.microsoft.com/kb/221930/

--
Judith Herman
Microsoft Corporation
Server User Assistance - Group Policy
======================
This posting is provided "AS IS" with no warranties, and confers no rights.
======================
 
Back
Top