Solved

Domain Controller Account Policy

Posted on 2011-02-17
6
930 Views
Last Modified: 2012-05-11
We have applied Password Policy on Domain Level. But when we log into (as domain administrator) Domain Controller and run RSOP on that Domain Controller we are unable to see the Account Policies which has been configured. But if we run "Net Accounts" the information comes up fine.Please explain.
0
Comment
Question by:Neo_78
6 Comments
 
LVL 6

Expert Comment

by:nipponsoul
ID: 34914213
RSOP results against the PCs showing local settings only even though the PCs are logging into the domain. That's why you see different results with Net Accounts.
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 34914487
@NipponSoul: Not quite - the whole point of RSOP is to show the end result of policies applied to a machine, user, or machine/user combination. It will show both local and AD policies.
The RSOP may not show the GPO settings under your test conditions as the GPO may not apply to either the domain admin or DC.
At what level is this policy?
0
 
LVL 17

Expert Comment

by:Premkumar Yogeswaran
ID: 34914535
Hi,

In the group policy setting make sure the "domain admin" not applied with deny permission in "Apply group policy"

http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html

Check this link for GP security ffiltering..!

Regards,
Prem
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:Neo_78
ID: 34914538
Password Policy has been applied at Domain Level.
0
 

Accepted Solution

by:
Neo_78 earned 0 total points
ID: 35753588
As there is no reply since a long time please close
0
 

Author Closing Comment

by:Neo_78
ID: 35783727
As no reply we are closing
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2010 - securing email internally? 1 41
Power shell script 6 58
AWS VPS as AD Server 2 53
cannot create more new mailboxes EX2013 2 35
[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now