Solved

Domain policy doesn't seem to update

Posted on 2004-09-01
8
153 Views
Last Modified: 2013-12-04
In the domain policy, on a Windows 2000 Domain Controller, I set the security policy to warn a user 14 days before their password needs to be changed.  This change was made 2 months ago.

I found out today (the hard way) that a user was forced to change their password without getting any warning at all.  They had to change it upon login.

Since this change to policy was made 2 months ago, and there was a change, the policy certianly would have been updated by now without me having to run secedit /refreshpolicy.

Does anyone have any ideas why this may have happened?  I do not know if it's happened on other machines in the office, but that's the direction I am headed in troubleshooting next.

Thanks!
Scott
0
Comment
Question by:scottman29
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 7

Expert Comment

by:msice
ID: 11958575
Hey Scott,
Is this policy set in the Default Domain Ploicy?
0
 
LVL 5

Author Comment

by:scottman29
ID: 11958996
yes the default domain policy...
0
 
LVL 7

Expert Comment

by:msice
ID: 11959020
Has the user loged on within the last 14 days?
0
 
LVL 5

Author Comment

by:scottman29
ID: 11959039
yes, daily...
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 7

Accepted Solution

by:
msice earned 75 total points
ID: 11959074
I have noticed some systems have a long time between refreshpolicy or just seem to get stuck and dont refresh at all and need secedit /enforce or secedit /refreshpolicy . I see this problem once in a while and I have ased questions here about it and they have not been answerd http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20967916.html I dont find any MS docs about it either. I would run secedit /refreshpolicy on that computer and the problem with that computer will probly go away for a while.
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 50 total points
ID: 11960816
on windows XP you will need to run gpupdate /force as opposed to secedit
0
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 11983317
I have found that sometimes several reboots (not just logging the user out) are required for policies to update on a machine.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11998349
ThanQ
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now