Password Policy GPO in Windows 2003

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

I have a colleague who just attended training and says that you can now
apply password policies at the OU level in Win2003 AD rather than having it
be at the Domain level in Win2k AD. Can anyone confirm or deny this? I
hadn't heard of this change, but it would be a nice change!

Mike

 

[Guest]

Archived from groups: microsoft.public.win2000.group_policy (More info?)

All domain controllers in the domain must abide by the same password policy.
There is no rule that a DC has to stay in the domain controllers container.
That is why it must be defined at the domain level. You can setup the
password policies at an OU level in W2k/3 but it will only effect the local
policy of the computers in that container.
This would be pretty easy to test, if you were so inclined.

--
James Brandt [MSFT]


"Mike Towan" <mtowan@ci.fremont.ca.us> wrote in message
news:un3ZDGEkEHA.3664@TK2MSFTNGP12.phx.gbl...
>I have a colleague who just attended training and says that you can now
> apply password policies at the OU level in Win2003 AD rather than having
> it
> be at the Domain level in Win2k AD. Can anyone confirm or deny this? I
> hadn't heard of this change, but it would be a nice change!
>
> Mike
>
>