Solved

Group Policy

Posted on 2004-04-17
21
251 Views
Last Modified: 2010-04-19
I have a 2003 domain and all desktops are windows xp.I have set password expiration for domain accounts to sixty days.But i dont see that policy to be in effect.The password expiration alert does not apper on the users desktop and the users do not change there password as per the Group Policy.

Pls Help.

Thanks,
Ranga.
0
Comment
Question by:rangass
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
  • 4
  • +1
21 Comments
 
LVL 7

Expert Comment

by:IceRaven
ID: 10848327
Hi rangass,

Did you apply your group policy to the domain, or just to an object unit?

Cheers,
IceRaven
0
 

Author Comment

by:rangass
ID: 10848329
I have created a Domain Security policy.
0
 

Author Comment

by:rangass
ID: 10848355
I have applied it to the domain
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 7

Expert Comment

by:IceRaven
ID: 10848362
Did you create and link a new policy on the domain.  Or did you edit the default domain policy?
0
 

Author Comment

by:rangass
ID: 10848365
Just edited the default domain policy.
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10848386
rangass
Have you removed the "password never expires" switch from the user accounts?

Cheers

JamesDS
0
 

Author Comment

by:rangass
ID: 10848390
Yes i have removed it
0
 
LVL 7

Expert Comment

by:IceRaven
ID: 10848401
Just checking... it is the domain not the domain controllers that you have edited the GPO.

Next check that users are able to read the GPO.

right click the OU ....properties...group policy tab
ensure that the GPO you created shows in the links list
select the GPO and select properties.
click the security tab...
authenticated users in the top panel... check read and check apply group policy

Cheers,
IceRaven
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10848407
rangass

Run GPUPDATE.EXE at the domain controller and look in its application event log for SCECLI entries.

Cheers

JamesDS
0
 
LVL 7

Accepted Solution

by:
IceRaven earned 125 total points
ID: 10848414
Also if that fails, you could click options and select no override.

Cheers,
Ice Raven.
0
 
LVL 16

Assisted Solution

by:JamesDS
JamesDS earned 125 total points
ID: 10848419
rangass

I think we should install the GPMC on the Domain controller use it to perform an RSOP report.

Go to http://www.microsoft.com/windowsserver2003/technologies/management/grouppolicy/default.mspx

Cheers

JamesDS
0
 
LVL 7

Expert Comment

by:IceRaven
ID: 10848450
According to this ariticle,

http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;282224

after you have applied the changes to the domain password policy you will need to:

--Snip--
Steps to Refreshing the Machine Policy on a Domain Controller
Open a command prompt at the domain controller.
Type: secedit /refreshpolicy machine_policy /enforce
The following message should be displayed: "Group policy propagation from the domain has been initiated for this computer. It may take a few minutes for the propagation to complete and the new policy to take effect. Please check Application Log for errors, if any."
--Snip--

Cheers,
IceRaven
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10848909
IceRaven

Wrong OS!

This is Windows 2003, the SECEDIT /REFRESHPOLICY comand was replaced in Windows 2003 with GPUPDATE.EXE which always does User and Machine policies.

After this has run, you should then look in its application event log for SCECLI entries.

Cheers

JamesDS
0
 
LVL 7

Expert Comment

by:IceRaven
ID: 10848925
My Appologies,

You are quite right JamesDS.

Cheers,
IceRaven.
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10848931
no worries, bl@@dy MS moving the goalposts again :)

JDS
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10848978
If they did not move those goalposts, they would not be able to ask us any new questions for re-certification, eh..??

Best idea here is to install the GPMC..  it is a wonderful tool that should have been developed in W2K..!!  

But you can also run RSOP on the clients that have XP..    Just:

Start > Open > rsop.msc

and ck to see what policies are being applied..

FE
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10849774
FE

Certifications - I haven't got a single one! (unles you count the MS Access v2 course I did in '92)
We put our trainees through those before I let them anywhere near anything important :)

hehehe!

James
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10850392
*grin*  Certs only show the ability to confront a goal and complete it in my book.  they show nothing of real world experience, and that is what counts..!!

that being said, my clients like to see them though..  at least they look impressive..  :)
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10852893
rangass

How is your problem looking, we all went of on a bit of a busmans holiday there!

Cheers

JamesDS
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question