|
Posted by Roger Abell [MVP] on April 26, 2006, 6:27 am
Please log in for more thread options Yes, that is what use of Disabled should do, just as you are expecting.
Has the machine been rebooted ?
Are you sure that there are now overriding GPOs nullifying the setting
provided in the OU-linked GPO?
> Hi,
>
> yes, a new password policies was added in a new OU for a group of
> computers,
> but somehow that policy doesn't take effect on those computers although
> GPRESULT has shown that GP was applied.
>
> I set the policy setting to "DISABLED" for the policy named "Password must
> meet complexity requirements". Does that mean "Password NEED NOT meet
> complexity requirements"??
>
>
>
> "Miha Pihler [MVP]" wrote:
>
>> Hi,
>>
>> In a domain -- there can be only one password (account) policy and this
>> one
>> policy is applied at domain level. While you can add additional password
>> policies and apply them to e.g. OU it will only apply to local accounts
>> on
>> computers in that OU. This policy will _not_ have any effect on domain
>> user
>> accounts.
>>
>> Account and local policies
>>
http://technet2.microsoft.com/WindowsServer/en/Library/04d8f32b-8ec7-4176-9d09-29f8c062d2391033.mspx
>>
>> --
>> Mike
>> Microsoft MVP - Windows Security
>>
>> >I have disabled the policy of 'Password must meet complexity
>> >requirements'
>> > in my OU Group Policy. And I realize that GP has been successfully
>> > applied
>> > onto my XP client from GPRESULT. However, the Local Policy Setting in
>> > the
>> > my
>> > XP client doesn't show this policy is disabled, complexity password
>> > still
>> > required when I create local user account. Please help... Thank you.
>> >
>>
>>
>>
| 
XML Sitemap