I was hoping you could point me in the right direction.
We have a location which is trying to migrate a business process to our Active Directory servers. It must have a specific user (for testing ASYSCON) and the non-standard password of Enterprise, which we can't change without consultants coming in and $$$. Everything is working correctly except the password violates our new password standard for the domain - ours requires the password to be at least eight characters long, must have both an upper case and lower case letter or a special character (!@#$%^&*) and must meet complexity requirements is enabled.
Attempt 1: Created Sub-OU and put ASYSCON into it, and blocked inheritance
Attempt 2: Created new password policy on Sub-OU and set No Overide
Attempt 3: Went to the Domain Password Policy and created an explicite deny for Asyscon
I also created a group called 'SSS Password Waiver Group' and put ASYSCON into it, also Denying the policy and removing the READ attribute.
We have waited overnight for these policies to replicate to all the DCs. This morning I logged in as ASYSCON and ran GPRESULTS.EXE. Attached is the results still showing the policy being pushed down.
Your thoughts would be appreciated. The process is running on a failing Novell server which we need to move to AD. Also we have other locations which need these exemptions for business processes.