I'm running a Windows 2003 SP1 network and am trying to roll out a password policy through GP, but it's not working. I've tried running it through the default GP and through new policies on separate containers and still I have no luck getting it to work. I recently read a short blurb about using the DC policy instead. Is that true? Any ideas what I'm doing wrong?
In Windows 2000 and Windows Server 2003, you can only have one password policy, account lockout policy and Kerberos per domain. (I believe that this is going to change in Longhorn.) If you have a subset of users within your domain who absolutely require a different configuration for these items, they need to be configured with a separate domain. To configure a password policy for your domain, create a GPO and link it to your domain, or else modify an existing domain policy that's already in place.
Dig deeper on Microsoft Group Policy Management
Active Directory expert Laura E. Hunter offers some advice for changing the IP addresses of domain controllers.continue reading
An admin needs to grant user access rights for those needing to traverse directory trees. Our server management expert explains how to use Group ...continue reading
An admin has two domains and two Active Directories. He wants to know how to join the Active Directories so that internal staff can access both, but ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.