Enable Password Policies
An messagebox wich recommend me to enable password policies is appearing.
"Password policies have not been enable on the network. It is recommended that all user accounts be protected by strong passwords. Do you want to enable strong passwords now?" Yes No.
What should I do? I can of course just enable it but wan't to ask first. Partly because no (or just one hit) appears in the whole SBS area and very little information on Microsoft.
Does strong passwords means that I can't use a password like the name of the corporate, as we use on one official "used by all"-computer. That should run some users mad. On other hand we really need strong passwords on some users able to remoteconnect to the network (those have difference templates specifically for mobile access).
"Password policies have not been enable on the network. It is recommended that all user accounts be protected by strong passwords. Do you want to enable strong passwords now?" Yes No.
What should I do? I can of course just enable it but wan't to ask first. Partly because no (or just one hit) appears in the whole SBS area and very little information on Microsoft.
Does strong passwords means that I can't use a password like the name of the corporate, as we use on one official "used by all"-computer. That should run some users mad. On other hand we really need strong passwords on some users able to remoteconnect to the network (those have difference templates specifically for mobile access).
ASKER
Can I set difference policies for difference GPO's through this wizard? Or some other wizard? because I don't want strong passwords on users belongs to a specifik GPO. AS I can understand from other posts it's not an good idea to change the policy directly on the GPO itself?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Tech!
Thanks for answer. Yes and that's also recommended that I done this task After all computers and users are added, says the helpfiles :-). Because the computers can't be added before the whole server replacement, I haven't set it up yet. What are the benefits of adding all computers first? Does it make sense, because no users are affected?
Thanks for answer. Yes and that's also recommended that I done this task After all computers and users are added, says the helpfiles :-). Because the computers can't be added before the whole server replacement, I haven't set it up yet. What are the benefits of adding all computers first? Does it make sense, because no users are affected?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OBda: Thank's for the answer! That's exactly what I thought I need to do.
dingir,
I would suspect that the recommendation to wait until after all computers and users are added is made with the thought that it would be a short time before that would be finished... ie, a day or two. There's no real reason to wait to implement the policy other than for the convenience of initially setting up your network.
Jeff
TechSoEasy
I would suspect that the recommendation to wait until after all computers and users are added is made with the thought that it would be a short time before that would be finished... ie, a day or two. There's no real reason to wait to implement the policy other than for the convenience of initially setting up your network.
Jeff
TechSoEasy
-length (length)
-complexity (always three types of characters out of 4)
-age (days)
Ref:
Configure Password PoliciesUsing strong passwords is important, and configuring password policies to enforce strong passwords helps keep the Windows Small Business Server network secure. After you configure or change password policies, all users are required to change their passwords the next time they log on. The password policy options are as follows:
Password must meet minimum length requirements. This option determines the least number of characters that a password can contain. Setting a minimum length protects your network by preventing users from having short or blank passwords. The default minimum length is 7 characters.
Password must meet complexity requirements. This option determines whether passwords must contain different types of characters. If this policy is enabled, passwords cannot contain all or part of a user's account name and must contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Numerals (0 through 9)
Nonalphanumeric characters (such as , !, $, #, and %)
Password must be changed regularly. This option determines the period of time (in days) that a password can be used before the system requires the user to change it. The default maximum password age is 42 days.