V
Veets
Hello,
We're running a Windows 2000 domain & I have a few questions about the
domain password policy settings.
I'm familiar with the GPO inheritance order -> Local -> Site -> Domain
GPO -> OU
I've read however, that you can only have 1 password policy setup for your
domain which is defined at the default GPO (I read it in the following
article ->
http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/enforce_strong_passwords.mspx)
As far as I understand it, what this means is that even if you define a new
password policy on an OU, it will not work since the OU will 'pick up' the
default GPO password settings? Is this correct? Also, will the default GPO
settings override the 'Account Lockout Policy' & 'Event Log' options of the
new OU as well?
If I'm right, does this mean that I'll need to create a new domain to get
around this problem?
I hope my questions are clear enough.
Any input is greatly appreciated. TIA
Best regards,
Veets
We're running a Windows 2000 domain & I have a few questions about the
domain password policy settings.
I'm familiar with the GPO inheritance order -> Local -> Site -> Domain
GPO -> OU
I've read however, that you can only have 1 password policy setup for your
domain which is defined at the default GPO (I read it in the following
article ->
http://www.microsoft.com/smallbusiness/gtm/securityguidance/articles/enforce_strong_passwords.mspx)
As far as I understand it, what this means is that even if you define a new
password policy on an OU, it will not work since the OU will 'pick up' the
default GPO password settings? Is this correct? Also, will the default GPO
settings override the 'Account Lockout Policy' & 'Event Log' options of the
new OU as well?
If I'm right, does this mean that I'll need to create a new domain to get
around this problem?
I hope my questions are clear enough.
Any input is greatly appreciated. TIA
Best regards,
Veets