Solved

Difference between "Local" and "Effective" Paswword Policy

Posted on 2004-09-07
3
188 Views
Last Modified: 2013-12-04
We just got an internal audit, and I was asked to print out our Default Domain Password Policy.  I have it set to remember the last 6 passwords, change every 60 days, minimum of 1 day, and must be at least 6 characters.  This shows correctly under "Effective", but under "Local", the settings are different and much more "relaxed".  If I remember right, "Effective" is what is in use, and "Local" is just the policy for the actual DC server itself, no?  This is when I look at the settings on the actual DC itself.  If I go to AD Users and Computers>Mydomain>(right-click)Properties>Group Policy>Computer Config>Windows Settings>Security Settings>Password Policy, everything looks correct.  I want to make sure before I tell them that they're looking at the "wrong" setting.  Thanks.
0
Comment
Question by:tenover
3 Comments
 
LVL 7

Accepted Solution

by:
msice earned 500 total points
ID: 12001732
Yes local is for the local computer account. The Default Domain Password Policy is for the domain. So if you login localy to a computer it will use the "relaxed" local polocy.  
0
 
LVL 1

Expert Comment

by:shinds57
ID: 12007220
You are correct. They should know that DC's have their own Default Domain Controller GPO. This policy allows you to log on locally as a Domain Admin and nobody else can log in locally to the DC.

shinds57
0
 

Author Comment

by:tenover
ID: 12007949
Thanks.  Just wanted to double check.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question