Default Domain Password Policy not working

S

Scott

We have set out pasword policy to change after 90 days. 90
days has passed and the password policy was not enforced.
We have changed it to change after 5 days, but still no
luck. We are not even getting the prompt that the passwod
will expire in 14 days message. Any help would be greatly
appreciated.
Single Win2k Domain
SP4
No other policies in place.
 
S

Steven L Umbach

On the domain controller run "net accounts" to see what it reports as far as password
policy. I would suggest running dcdiag on the domain controller looking for any
failed tests that may help pinpoint the problem. If you do have more than one GPO
configured at the domain level [double check to be sure - I know you stated no other
policies] , then the one at the top of the list will have the highest priority and
any password policy defined there would override the default domain policy. I would
also view the Local Security Policy on the domain controller to see what the
"effective" setting is for your password policy settings. --- Steve
 
S

Scott

Still no luck..Created new policy. Will have to wait for
it to update and troubleshoot some more. Im getting an
event ID:1202
-----Original Message-----
On the domain controller run "net accounts" to see what it reports as far as password
policy. I would suggest running dcdiag on the domain controller looking for any
failed tests that may help pinpoint the problem. If you do have more than one GPO
configured at the domain level [double check to be sure - I know you stated no other
policies] , then the one at the top of the list will have the highest priority and
any password policy defined there would override the default domain policy. I would
also view the Local Security Policy on the domain controller to see what the
"effective" setting is for your password policy settings. --- Steve


Scott said:
We have set out pasword policy to change after 90 days. 90
days has passed and the password policy was not enforced.
We have changed it to change after 5 days, but still no
luck. We are not even getting the prompt that the passwod
will expire in 14 days message. Any help would be greatly
appreciated.
Single Win2k Domain
SP4
No other policies in place.
Click to expand...


.
Click to expand...
 
S

Steven L Umbach

Event ID 1202 certainly may indicate a problem. It often is associated with other
event ID's. I suggest you try searching http://www.evenid.net for it and also search
Microsoft Knowledge Base. Check the domain container in ADUC to make sure that the
default domain policy is linked to it. You also may find the Group Policy management
Console very helpful in troubleshooting these issues. You can install it on a XP Pro
SP1 machine in the domain and use it from their to manage domain policy. Just be sure
the XP Pro machine is trusted/secure because you will need to use a domain
administrors account to use it. --- Steve

http://www.microsoft.com/windowsserver2003/gpmc/default.mspx
http://search.microsoft.com/search/search.aspx?st=a&View=en-us --- search here.

Scott said:
Still no luck..Created new policy. Will have to wait for
it to update and troubleshoot some more. Im getting an
event ID:1202
-----Original Message-----
On the domain controller run "net accounts" to see what it reports as far as password
policy. I would suggest running dcdiag on the domain controller looking for any
failed tests that may help pinpoint the problem. If you do have more than one GPO
configured at the domain level [double check to be sure - I know you stated no other
policies] , then the one at the top of the list will have the highest priority and
any password policy defined there would override the default domain policy. I would
also view the Local Security Policy on the domain controller to see what the
"effective" setting is for your password policy settings. --- Steve


Scott said:
We have set out pasword policy to change after 90 days. 90
days has passed and the password policy was not enforced.
We have changed it to change after 5 days, but still no
luck. We are not even getting the prompt that the passwod
will expire in 14 days message. Any help would be greatly
appreciated.
Single Win2k Domain
SP4
No other policies in place.
Click to expand...


.
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Password Expiration Not Working... 6
Password Policy 1
How do I set password expiry notification date?? 2
Password Expiration Policy 4
Domain vs Domain Controller Security Policy 2
Domain Password Policy 3
Password policy 5
Password Policy 1

Top