Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

domain password policy

Posted on 2011-02-21
7
Medium Priority
?
616 Views
Last Modified: 2013-11-05
Is there anyway in ADUC console to view  the default domain password policy settings around length, lockout, expiry days etc? I am new to ADUC and cant see where the actual parameter settings are stored?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 

Assisted Solution

by:Astropath
Astropath earned 120 total points
ID: 34943097
Hi,

this might answer your question:

http://technet.microsoft.com/en-us/library/cc781159%28WS.10%29.aspx

Basically those settings are in the group policy, either for the domain or for the OU the object is in.
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 120 total points
ID: 34943113
You can only have one password policy per domain - its set at the domain level

Open Group Policy Management console from Administrative tools
Expand the tree, expanf domains and expanf your domain by clicking the [+] symbols
Right Click Default Domain Policy and select EDIT
Navigate to
Computer Configuration -> Windows Settings->Security Settings->Account Policies and double click Password Policy
0
 

Expert Comment

by:Astropath
ID: 34943137
And the exact options you seek are under Computer Config / Windows Settings / Security Settings / Account Policies:

Password Policy
Account Lockout Policy

regards,

A.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 3

Author Comment

by:pma111
ID: 34943150
I dont have group policy management console so I was hoping for an alternative way to do it

gpresult used to work but now it just seems to list the policy name as opposed to the actual settings
0
 
LVL 31

Accepted Solution

by:
Justin Owens earned 260 total points
ID: 34943213
You don't have to have the GPMC to view Group Policy.  You can view the properties of any OU from the ADUC console and see a tab for "Group Policy".  If you click "Edit", it will give the ability to view the GPO selected.

I strongly recommend you install the GPMC, though, if you want to do this.  It is a standard administrative tool.

DrUltima
0
 
LVL 3

Author Comment

by:pma111
ID: 34943265
thanks will try that. is there a switch required on the gpresult command to view the actual parameter settings for the domain password policy. gpresult itself just lists the policy names, I wasnt sure if an /a switch or similar would show the actual parameter values around length, expiry, lockout etc
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 34943401
Yes and No... GPRESULT has a verbose mode and a super verbose mode, but those are relatively huge and not very friendly output.  You are better off using either GPMC or RSoP.

DrUltima
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question