Domain Security Policy Question

J

Jerry

I have a domain level security policy that specifies the
password length should be 5 characters. I want to create
an OU policy that specifies the password length should be
10 characters.

Which policy will take affect?

I know that in general, policies work down from local,
site, domain, OU. However, I thought I read somewhere
that domain security policies are the exception.

Is this true?

Thanks in advance.

Jerry
 
R

Richard Moreno

Hi Jerry-

There is an exception and it pertains only to any and all account policies
in AD: They apply to the entire domain and nothing less. Therefore you
cannot alter the password length requirements for any account unless you
create a child domain (or any separate domain).

--
Thanks,
Richard Moreno
MCSE NT4\2000, MCSA 2000

This posting is provided "AS IS" with no warranties, and confers no
rights.
 
R

\Richard McCall [MSFT]\

You are correct. Password policies have to be changed in the Default Domain
Policy.
 
D

Deji Akomolafe

You can not. If you need multiple password policies, you need multiple
domains.

HTH
Deji
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Domain Password Policy 1
Password Policy at a OU Level. 2
Active Directory Domain Policy 13
Domain Security Policy vs. OU specific Policy 1
default domain policy, password policy 2
Group Security Policy not being applied 1
pc takes time to apply computer settings 1
Group Policy Argument 2

Top