Password Policy and AD

Toggle sidebar Toggle sidebar
W

wayner

Distinguished
Apr 24, 2004
8
0
18,510
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Hi,
I would like to set up a password policy - single domain,
40 users, couple of DCs, win2K and exchange2k servers. I
do not want the admin password to have to be changed like
the users. Should I make the changes in the domain
security policy - account policy settings and then check
password never expires for admin account? Will the GP
overide this setting? Or should I create a group or ou for
users and apply the security policy to the ou? I really do
not know what to do for this second approach and would
probably mess it up without specific steps to follow.
What/where is a good guideline for this?
Thanks much - Wayner
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

configure the domain policy for "the users" and then just modify the
administrator user account to never expire the password. Here, you can
manually set the password as you feel you should.

--
Derek Melber
BrainCore.Net
derekm@braincore.net
"Wayner" <anonymous@discussions.microsoft.com> wrote in message
news:938801c43391$61c23ad0$a401280a@phx.gbl...
> Hi,
> I would like to set up a password policy - single domain,
> 40 users, couple of DCs, win2K and exchange2k servers. I
> do not want the admin password to have to be changed like
> the users. Should I make the changes in the domain
> security policy - account policy settings and then check
> password never expires for admin account? Will the GP
> overide this setting? Or should I create a group or ou for
> users and apply the security policy to the ou? I really do
> not know what to do for this second approach and would
> probably mess it up without specific steps to follow.
> What/where is a good guideline for this?
> Thanks much - Wayner
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Any accounts that you manually set to "Password never expires" in the ADUC
MMC console will not be affected by the password policy. That's what I do
with my service accounts, since I don't want them expiring manually - I set
them to never expire, then manually change the password and re-start the
services on a regular basis.

--
******************************
Laura E. Hunter - MCSE, MCT, MVP
Replies to newsgroup only


"Wayner" <anonymous@discussions.microsoft.com> wrote in message
news:938801c43391$61c23ad0$a401280a@phx.gbl...
> Hi,
> I would like to set up a password policy - single domain,
> 40 users, couple of DCs, win2K and exchange2k servers. I
> do not want the admin password to have to be changed like
> the users. Should I make the changes in the domain
> security policy - account policy settings and then check
> password never expires for admin account? Will the GP
> overide this setting? Or should I create a group or ou for
> users and apply the security policy to the ou? I really do
> not know what to do for this second approach and would
> probably mess it up without specific steps to follow.
> What/where is a good guideline for this?
> Thanks much - Wayner
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom