Click here to get back home

Multiple Password Policies?
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Multiple Password Policies? News Users 06-22-2005
Posted by News Users on June 22, 2005, 12:15 pm
Please log in for more thread options
 I'm assuming that on the basis that a password policies is specific to the
domain controller GPO that I cant set different/multiple password strengths
and policies for different users?

Or can I?

Cheers

Tim




Posted by Roger Abell on June 22, 2005, 6:45 am
Please log in for more thread options
 Within a single account realm, like a domain, you can only have
variable password policies by use of custom or third-party
extensions, like password filters. What is pre-built is one size
fits all. However, as Slav mentioned in another thread, you
can consider use of smart cards to the cases where you want
strength and set the blanket policy for the rest.

--
Roger Abell
Microsoft MVP (Windows Security)

> I'm assuming that on the basis that a password policies is specific to the
> domain controller GPO that I cant set different/multiple password
strengths
> and policies for different users?
>
> Or can I?
>
> Cheers
>
> Tim
>
>




Posted by S. Pidgorny on June 22, 2005, 9:57 pm
Please log in for more thread options
Nope security policy is per domain

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

> I'm assuming that on the basis that a password policies is specific to the
> domain controller GPO that I cant set different/multiple password
strengths
> and policies for different users?
>
> Or can I?
>
> Cheers
>
> Tim
>
>




Posted by Roger Abell on June 22, 2005, 6:43 am
Please log in for more thread options
Careful Slav, Security Policy is more than just Account Policy.
The former can be varied, except for specific parts as the later.

--
Roger

> Nope security policy is per domain
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> > I'm assuming that on the basis that a password policies is specific to
the
> > domain controller GPO that I cant set different/multiple password
> strengths
> > and policies for different users?
> >
> > Or can I?
> >
> > Cheers
> >
> > Tim
> >
> >
>
>




Posted by Steven L Umbach on June 23, 2005, 10:57 pm
Please log in for more thread options
For "domain" users this is only configured at the domain level - not at the
domain controller container though domain controllers read the
account/password policy from the domain container. Also when you configure
security policy keep in mind that it is computer configuration - not user
configuration. Roger's suggestions for an alternative passfilt.dll or use of
smart cards would be a work around to domain policy. Smart cards for at
least domain administrators [of all groups] makes a lot of sense. --- Steve

http://www.altusnet.com/passfilt/ --- a third party password filter.

> I'm assuming that on the basis that a password policies is specific to the
> domain controller GPO that I cant set different/multiple password
> strengths and policies for different users?
>
> Or can I?
>
> Cheers
>
> Tim
>
>




Similar ThreadsPosted
Can I have multiple password policies? March 19, 2007, 1:17 am
What security policies effect tasklist.exe password prompt behavior? February 29, 2008, 9:29 am
Firewall setting for multiple FTP sites using multiple ports September 12, 2006, 12:35 pm
Multiple CAs: Selection mechanism for autoenrollment? June 16, 2005, 1:14 pm
Multiple user certificate thumbprint April 19, 2006, 10:04 pm
Implementing PKI infrastructure in multiple forrests January 14, 2008, 2:47 pm
Security templates, problem with multiple settings July 26, 2005, 1:50 pm
Multiple Event ID 529 Errors in Server 2003 April 10, 2006, 1:34 pm
Adding multiple entries for the same user with xcacls... July 19, 2007, 2:21 pm
Folder Encryption Multiple User Access October 16, 2007, 10:35 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap