Policy filter questions
Posted on 2011-02-21
How do you find the name of the default password domain policy for a given domain, and more importantly how do you find every user who is subject to the default domain policy, and every user who is exempt/filtered from it? If in ADUC can you provide some basic steps as I am still getting used to the tool.
Also, how do policy filters/exemptions work. Say for example you want a user to be subject to the default domain password policy around account lockout and password complexity, but you don’t want their password to expire, how do you ensure the user still is subject to the default domain policy, but essentially filters/overrides the password expiry setting when the default domain policy is applied to their account? Can you explain the mechanics?