djpierce54
asked on
Using Fine Grained policy in Server 2008 R2
I currently have a group policy for my domain to force users to change their password every 90 days. I need to override that policy for one user and have the password expiration set to 120 days.
I setup the fine grained password polocy and I verified that it is defined for that user by doing the Get-ADFineGrainedPasswordP olicy cmdlet.
I assume it overrides my standard group policy but I wanted to know if there is a cmdlet that will list all the password policies for all users in the domain.
Of course I want to be able to go down the list and find that one user with the new overriding policy. Really do not want to wait until the expiration date. I tried just using the cmdlet (C1) to see how many days until that account expires. It stated 83 days. I then went back and updated the finegrained policy by increasing to 122 days. Then went back and ran the C1 cmdlet and the value was 83 instead of 85. This is the C1 cmdlet:
(([datetime]::FromFileTime ((Get-ADUs er -Identity Bill -Properties "msDS-UserPasswordExpiryTi meComputed ")."msDS-U serPasswor dExpiryTim eComputed" ))-(Get-Da te)).Days.
Suggestions to confirm that finegrained will override standard group policy?
I setup the fine grained password polocy and I verified that it is defined for that user by doing the Get-ADFineGrainedPasswordP
I assume it overrides my standard group policy but I wanted to know if there is a cmdlet that will list all the password policies for all users in the domain.
Of course I want to be able to go down the list and find that one user with the new overriding policy. Really do not want to wait until the expiration date. I tried just using the cmdlet (C1) to see how many days until that account expires. It stated 83 days. I then went back and updated the finegrained policy by increasing to 122 days. Then went back and ran the C1 cmdlet and the value was 83 instead of 85. This is the C1 cmdlet:
(([datetime]::FromFileTime
Suggestions to confirm that finegrained will override standard group policy?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.