Group Policy - Password Policy questions
background: dc windows 2003 sp2 standard server, have citrix web presentation server users login field , has outlook web access available them. less 100 users. domain architecture pretty flat; users in either 1 of 2 ous called partner or staff. presently, users cannot change password & password not expire in user account. present domain password policy undefined. plan implement complexity requirements & 181 day max password age in default domain policy after removing users cannot change password & password not expire in user accounts.
as added bonus, have approx 30 users laptops pgp encrypted disks. pgp encryption requires password changed task manager if single sign on maintained.
here have determined far: set test domain few users see happen if default domain policy changed while out in field. test users not change system password when trying access owa or citrix (i expected had verify). plan enable users change passwords in small groups of 5-8 users , many folks can in 1 day. i'll stragglers return office.
my question this: won't able set default domin policy @ least few days because of citrix & owa; users have changed password required again change password once policy established or recent change of password recognized? also, laptop password change have same results regard recent password change? in advance
as added bonus, have approx 30 users laptops pgp encrypted disks. pgp encryption requires password changed task manager if single sign on maintained.
here have determined far: set test domain few users see happen if default domain policy changed while out in field. test users not change system password when trying access owa or citrix (i expected had verify). plan enable users change passwords in small groups of 5-8 users , many folks can in 1 day. i'll stragglers return office.
my question this: won't able set default domin policy @ least few days because of citrix & owa; users have changed password required again change password once policy established or recent change of password recognized? also, laptop password change have same results regard recent password change? in advance
the dcs know when password last set.
if change password policy "never expire passwords" 181 days, hasn't changed password last 181 days prompted so. recent password changes (changes last 181 days) won't need repeated/re-changed.
cheers,
florian
microsoft mvp - group policy (http://www.frickelsoft.net/blog)
if change password policy "never expire passwords" 181 days, hasn't changed password last 181 days prompted so. recent password changes (changes last 181 days) won't need repeated/re-changed.
cheers,
florian
microsoft mvp - group policy (http://www.frickelsoft.net/blog)
Windows Server > Group Policy
Comments
Post a Comment