45 days account log in

I setup a company so that users have to reset there password every 45 day's. I found out that you can't set it on an OU, it must be set on the default domain GP. All is working correctly except that I now also have to very 45 day's change the administrators pwd, which is not the problem. The problem is that there are some software like Backupexe 2012 that every time I change the pwd, I will have to go into the program and change it there also.
I want to know if there is a way that I can set it up so that the admin account never has to reset the pwd.

Thank you all

noad

Asked: 2013-05-19

Advertise Here

1 Solution

LVL 70

KCTSCommented: 2013-05-19

If you have Server 2008 or later you can use fine-grained password policies to apply different policies to different global security groups.

See
http://technet.microsoft.com/en-us/library/cc770842(v=ws.10).aspx
and
http://www.youtube.com/watch?v=AEgoTm1Ofjg

LVL 15

Rob StoneCommented: 2013-05-19

You may also want to read up on 2008R2/2012 Service Accounts
http://technet.microsoft.com/en-us/library/dd548356(v=ws.10).aspx

LVL 1

noadAuthor Commented: 2013-05-19

KCTS

I have tried the fine-grained password policies to apply different policies to different global security groups.
Can't get it working, that's why I'm here asking if maybe there is something eles..

LVL 70

KCTSCommented: 2013-05-19

There is nothing else.

If you follow the process there is no reason the fine-grained password policy will not work
Make sure your domain is at the 2008 functional level (or later).

LVL 1

noadAuthor Commented: 2013-05-19

Would you know off hand if I can set and account so not to require a reset?

LVL 1

noadAuthor Commented: 2013-05-19

KTCS

I set it all up and it seems to work, however when I tried setting it so that I don't have to reset the password ever, it dose not allow it do due to the pwd setting already in place.

See below