Group Policy question...

G

Guest

I have a question on group policies…I have created an OU that contains only our IT department. I added a group policy for passwords, and I linked the OU to this policy…I also added our IT group under the security filtering box. This password policy is set to enforce a password change – minimum days is 1, and maximum days is set to 5 (just for testing purposes). I enforced the group policy, but none of us have been warned of our passwords expiring or to change it.

This is the first policy we are trying to put in place, but I cannot figure out what is wrong. I have read everything there is to read on group policies…there are no other policies that could be interfering…I checked the no override, and everyone has read and apply group policy rights.

Any idea what step I’m missing? Your assistance would be greatly appreciated!!

Thanks in advance
 
H

Herb Martin

Sunnie said:
I have a question on group policies.I have created an OU that contains
Click to expand...
only our IT department. I added a group policy for passwords, and I linked
the OU to this policy.

Password Policies (and everthing in Security\Account Policies, i.e.,
Lockout and Kerberos) are PER DOMAIN policies and have no
effect on domain logins unless linked to the Domain.

Actually you "linked the GPO to the OU" (not the other
way around.)
I also added our IT group under the security filtering box. This password
Click to expand...
policy is set to enforce a password change - minimum days is 1, and maximum
days is set to 5 (just for testing purposes). I enforced the group policy,
but none of us have been warned of our passwords expiring or to change it.
This is the first policy we are trying to put in place, but I cannot
Click to expand...
figure out what is wrong. I have read everything there is to read on group
policies.there are no other policies that could be interfering.I checked the
no override, and everyone has read and apply group policy rights.

Domain only policy.
Any idea what step I'm missing? Your assistance would be greatly
Click to expand...
appreciated!!
 
C

Cary Shultz [A.D. MVP]

Herb,

in-line......


Herb Martin said:
only our IT department. I added a group policy for passwords, and I linked
the OU to this policy.

Password Policies (and everthing in Security\Account Policies, i.e.,
Lockout and Kerberos) are PER DOMAIN policies and have no
effect on domain logins unless linked to the Domain.
Click to expand...


Correct, but a password policy that is linked to an Organizational Unit will
have some effect - namely, on any computer account objects that might be
located in that OU. Anyone account used to logon on locally ( agreed - you
did state 'domain logons' ) will be affected.

Cary
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Group Policy Password Policy Not effecting 1
Group Policy Problem 3
Group Policy 7
strong password group policy 2
Active Directory Domain Policy 13
Group Policy not applying over Network to XP users 4
Applying Password Policy to Group 4
Password Policy 1

Top