I have domain level group policies set, and one OU level group policy. My goal is this:
Domain level password complexity is disabled for ease on users brains. We have a high security department, and any groups inside it belong in the "HS-Groups" OU There is a password policy in HS-Groups that requires password complexity for Authenticated Users. Will the domain level policy override this, or will the OU level policy take precedence? How can force the policy on the OU to take precedence but only for members of the groups in the OU? (The user accounts are not in the OU, just the groups they belong to) The goal is if a user suddenly gets added to one of the groups in this OU they have stricter screen saver, and password policies.