domain password policy

Is there anyway in ADUC console to view  the default domain password policy settings around length, lockout, expiry days etc? I am new to ADUC and cant see where the actual parameter settings are stored?
LVL 3
pma111Asked:
Who is Participating?
 
Justin OwensConnect With a Mentor ITIL Problem ManagerCommented:
You don't have to have the GPMC to view Group Policy.  You can view the properties of any OU from the ADUC console and see a tab for "Group Policy".  If you click "Edit", it will give the ability to view the GPO selected.

I strongly recommend you install the GPMC, though, if you want to do this.  It is a standard administrative tool.

DrUltima
0
 
AstropathConnect With a Mentor Commented:
Hi,

this might answer your question:

http://technet.microsoft.com/en-us/library/cc781159%28WS.10%29.aspx

Basically those settings are in the group policy, either for the domain or for the OU the object is in.
0
 
Brian PierceConnect With a Mentor PhotographerCommented:
You can only have one password policy per domain - its set at the domain level

Open Group Policy Management console from Administrative tools
Expand the tree, expanf domains and expanf your domain by clicking the [+] symbols
Right Click Default Domain Policy and select EDIT
Navigate to
Computer Configuration -> Windows Settings->Security Settings->Account Policies and double click Password Policy
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
AstropathCommented:
And the exact options you seek are under Computer Config / Windows Settings / Security Settings / Account Policies:

Password Policy
Account Lockout Policy

regards,

A.
0
 
pma111Author Commented:
I dont have group policy management console so I was hoping for an alternative way to do it

gpresult used to work but now it just seems to list the policy name as opposed to the actual settings
0
 
pma111Author Commented:
thanks will try that. is there a switch required on the gpresult command to view the actual parameter settings for the domain password policy. gpresult itself just lists the policy names, I wasnt sure if an /a switch or similar would show the actual parameter values around length, expiry, lockout etc
0
 
Justin OwensITIL Problem ManagerCommented:
Yes and No... GPRESULT has a verbose mode and a super verbose mode, but those are relatively huge and not very friendly output.  You are better off using either GPMC or RSoP.

DrUltima
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.