Solved

win 2008 r2

Posted on 2010-11-08
12
602 Views
Last Modified: 2012-05-10
Where do I navigate to, to make changes to the password policy on a win 2008 domain?
0
Comment
Question by:gfida
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 8

Accepted Solution

by:
rjwesley earned 250 total points
ID: 34090165
<Computer Configurations> <Policies> <Windows Settings> <Security Settings> <Account Policies> <Password Policy>

Rob
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 250 total points
ID: 34090247
In a windows 2008 domain (assuming 2008 domain functional level) you have a few places.

1.  What RJ pointed out, a password policy at the domain level (same as in 2000 or 2003)

2.  You can also have/use fine grain passwords to set a different password to groups or users.  That was something you could not do in 2000 and 2003 natively.  Great blog entry on fine grained passwords here:

http://blogs.technet.com/b/seanearp/archive/2007/10/06/windows-server-2008-fine-grained-password-policy-walkthrough.aspx

Thanks
Mike
0
 

Author Comment

by:gfida
ID: 34090307
When I follow this path, <Computer Configurations> <Policies> <Windows Settings> <Security Settings> <Account Policies> <Password Policy>
and try to make changes, the fields are "grayed out". Am I in the wrong area to change password policy for a domain?
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 57

Expert Comment

by:Mike Kline
ID: 34090324
Where are you trying to make that change?  Is that on your local machine or are you using GPMC and going to a domain level policy?  Run an RSoP report to check where you are getting your PW policy from.


What rights does your account have?

Thanks

Mike
0
 

Author Comment

by:gfida
ID: 34090339
New server. Trying to setup users with less difficult passwords. The password policy has a lock on it.
I am logged into server at the console as administrator.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34090363
Is it a new DC or just a new member server, if it is a member server then the policy from the domain is winning and why your local PW policy is grayed out
0
 

Author Comment

by:gfida
ID: 34090377
It is a new server and the only server. It is running active directory (w/DNS)
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34090385
If you go to GPMC.msc and then right click on the default domain policy and go to those settings there are they gray there?  
0
 

Author Comment

by:gfida
ID: 34090411
Found it!! Problem solved.
Thank you very much. Guess I've had too much on my plate lately. Mind fogged in. :)
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34090418
We can all get overloaded at times...glad to help
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34700057
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question