<div>
<div class="content wysiwyg-content">
I have set a password expiration group policy on our domain. &nbsp;My question is, who receiveds the password expiration policy in a domain, the domain controller or individual computers? &nbsp;Also, where is the best place to set the policy, on the &quot;Default Domain Policy&quot; or &quot;Default Domain Controllers Policy&quot;?<br />
My reason for asking is because we use Active Directory for our user authentication on our customer website, and want set password expiration. &nbsp;Before now there hasn't been any password policy set, and I just some information on how this works.
</div>
</div>


I have set a password expiration group policy on our domain.  My question is, who receiveds the password expiration policy in a domain, the domain controller or individual computers?  Also, where is the best place to set the policy, on the "Default Domain Policy" or "Default Domain Controllers Policy"?
My reason for asking is because we use Active Directory for our user authentication on our customer website, and want set password expiration.  Before now there hasn't been any password policy set, and I just some information on how this works.

Password Expiration Group Policy

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.