Group policy application problem
Posted on 2009-04-30
I am having some strange problems with applying group policies.
I am now required to deploy some more complex password rules throughout my domain. I created a new policy for these new password rules. There are settings in this policy that relate to computer and user settings. I created new OU's for testing purposes and moved a computer and a user to the appropriate OU's. I blocked inheritance on both OU's and then applied the new password GPO to the new OU's. I rebooted the test workstation and logged in as the test user.
If I run gpresult, the only computer and user policy that is applied is my new GPO, however the settings are not being enforced. For example, the new policy dictates that the minimum password length should be 7 characters. My test user has a password that is 4 characters long. If I hit CRTL-ALT-DEL and change the password, it is not requiring the 7 character length. It is however telling me that my password length must be at least 4 characters long. There is no GPO applied that is requiring this. I have even checked the local workstation policies and there is nothing there either.
I do have a policy that requires a 4 character password, but I discovered during this process that it is not linked to any GPO's. Not sure how that happened, but if that's the case, why are the password length requirements still being applied?
This is not my first go around with group policies. I'm very confused as to what is happening. I've done gpudate /force, rebooted the workstation, even removed it from the domain, deleted in in AD and then rejoined it and moved it back to the OU. Nothing is helping.