My fine grain password policy is not working. I went through the step by step guide here: fine grain password setup
. I then researched and went through the following steps to figure out why it isn't working.
1. dsget user <User-DN> -effectivepso
a. This didn't do anything except for give me dsget succeeded reply
2. Checked Domain function level by going to Ldp.exe and connecting to my Domain Controller
a. It says 3= (WIN2008) next to domainControllerFunctional
3. Tried adding user to Active Directory group and then add the group to the fine grain password policy in ADSI but this also didn't do anything.
4. I have checked the msDS-PSOAppliesTo
a. This is set correctly. It has my user and group there
5. I have changed the msDS-PasswordSettingPreced
ence to 1
a. This didn't make a difference
My domain controller is a Windows 2008 64bit machine. After all this I am still having problems with my test user. This user still is under the default password policy and not my new one.