asked on

45 days account log in

I setup a company so that users have to reset there password every 45 day's. I found out that you can't set it on an OU, it must be set on the default domain GP. All is working correctly except that I now also have to very 45 day's change the administrators pwd, which is not the problem. The problem is that there are some software like Backupexe 2012 that every time I change the pwd, I will have to go into the program and change it there also.
I want to know if there is a way that I can set it up so that the admin account never has to reset the pwd.

Thank you all

Brian Pierce

If you have Server 2008 or later you can use fine-grained password policies to apply different policies to different global security groups.

See
http://technet.microsoft.com/en-us/library/cc770842(v=ws.10).aspx
and
http://www.youtube.com/watch?v=AEgoTm1Ofjg

Rob Stone

You may also want to read up on 2008R2/2012 Service Accounts
http://technet.microsoft.com/en-us/library/dd548356(v=ws.10).aspx

noad

ASKER

KCTS

I have tried the fine-grained password policies to apply different policies to different global security groups.
Can't get it working, that's why I'm here asking if maybe there is something eles..

Brian Pierce

There is nothing else.

If you follow the process there is no reason the fine-grained password policy will not work
Make sure your domain is at the 2008 functional level (or later).

noad

ASKER

Would you know off hand if I can set and account so not to require a reset?

noad

ASKER

KTCS

I set it all up and it seems to work, however when I tried setting it so that I don't have to reset the password ever, it dose not allow it do due to the pwd setting already in place.

See below

ASKER CERTIFIED SOLUTION

Pramod Ubhe

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial