<div>
Create a seperate OU for each of the two groups of users and apply a different policy to each OU, problem solved :D
</div>


Create a seperate OU for each of the two groups of users and apply a different policy to each OU, problem solved :D

<div>
Neilsr - <br />
<br />
You are aware that that won't work - password policies are domain wide and cannot be segmented like that.<br />
<br />

</div>


Neilsr -

You are aware that that won't work - password policies are domain wide and cannot be segmented like that.



<div>
Quote from <a href="http://technet.microsoft.com/en-us/magazine/2007.12.securitywatch.aspx" rel="ugc">http://technet.microsoft.com/en-us/magazine/2007.12.securitywatch.aspx</a><br />
<br />
&quot;If you run any version of Windows® domain today (Windows NT®, Windows 2000 Active Directory®, or Windows Server® 2003 Active Directory), you are limited to a single password policy per domain.&quot;
</div>


Quote from http://technet.microsoft.com/en-us/magazine/2007.12.securitywatch.aspx [http://technet.microsoft.com/en-us/magazine/2007.12.securitywatch.aspx]

"If you run any version of Windows® domain today (Windows NT®, Windows 2000 Active Directory®, or Windows Server® 2003 Active Directory), you are limited to a single password policy per domain."

<div>
This article supports leew's suggestion.... &nbsp;<a href="http://technet.microsoft.com/en-us/library/cc875814.aspx" rel="ugc">http://technet.microsoft.com/en-us/library/cc875814.aspx</a><br />
<br />
Thanks leew
</div>


This article supports leew's suggestion....  http://technet.microsoft.com/en-us/library/cc875814.aspx [http://technet.microsoft.com/en-us/library/cc875814.aspx]

Thanks leew

<div>
<div class="content wysiwyg-content">
I am currently running a Windows 2003R2 AD Domain and I want to require our employees to change their password every 90 days but there are a couple folks that I do not want to require this for. &nbsp;If I set the GPO Default Domain Account Password Policies and then for the users that I do not want to enfore this password policy on just merely choose the option &nbsp; &quot;Password Never Expires&quot; &nbsp;and I will accomplish my goal?<br />
<a href="https://filedb.experts-exchange.com/incoming/2010/03_w13/277659/2010-03-25-1511.png" target="_blank" class="file-inline" title="User AD Account (9 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>2010-03-25-1511.png</a>
</div>
</div>


2010-03-25-1511.png

I am currently running a Windows 2003R2 AD Domain and I want to require our employees to change their password every 90 days but there are a couple folks that I do not want to require this for.  If I set the GPO Default Domain Account Password Policies and then for the users that I do not want to enfore this password policy on just merely choose the option   "Password Never Expires"  and I will accomplish my goal?

Windows 2003 R2 - Domain Password Policies

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).