Password Policy in AD

G

Guest

Hi,
We have a Windows 2000 Domain. We'd like to enforce some password security
policy, such as password age, length. But we don't want to apply to everyone
in the domain. We want to select a group and apply the policy to it. So only
members of that group is required to follow the password rules.

Is it possible? Please advise.
 
D

Danny Sanders

Password policies are one to a domain. If your domain has information in it
worth protecting with "strong" passwords, setting up a group with less than
"strong" passwords is equal to creating a security hole.

Why try to brute force a "strong" password when there are "weak" passwords
on the same domain?


This is one reason to create a second domain.


hth
DDS W 2k MVP MCSE
 
M

Mark Renoden [MSFT]

J

JB

Use this.

http://www.altusnet.com/passfilt/






Mark Renoden said:
Hi all

I've posted this a few times. Excellent reference for this stuff is

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/bpactlck.mspx

Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.

Danny Sanders said:
Password policies are one to a domain. If your domain has information in
it
worth protecting with "strong" passwords, setting up a group with less
than
"strong" passwords is equal to creating a security hole.

Why try to brute force a "strong" password when there are "weak" passwords
on the same domain?


This is one reason to create a second domain.


hth
DDS W 2k MVP MCSE
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

AD and Password policy question 12
Password Policy Reset to the old setting, Why? 8
default domain policy, password policy 2
Password Policy for Service Accounts 2
Domain Security Policy vs. OU specific Policy 1
Applying Password Policy to Group 4
Account Policies 3
Active Directory Domain Policy 13

Top