separate password policies for local accounts in windows 8

I have a client who is currently upgrading all computers to windows 8 pro from XP pro. The previous IT guy setup all the local computers with several different local accounts for each user on per computer (this is a medical clinic) He set the local security policy to be very specific. The medical clinic has strict policies that they have to adhere to.

There is a IT support account that I've always used prior to this and the password has never changed and all the other accounts have to change the password every 90 days. Now where and how do I set this up in windows 8? I've searched for it but cannot seem to find it. I've never set local security policy up on several local user accounts like this, I've always done it within a server/client environment.

I basically want to have a separate policy for one local admin account (password never expire) while all the others follow the normal parameters that will be set.

Thanks for any insight.
GregDSelwahAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
For local policy, Windows 8 Pro still can use the "secpol.msc". Under the password policy, you should be able to set Maximum password age to 0 and that means it never expires. And setting it to any other negative number is equivalent to setting it to Not Defined.

http://www.computerperformance.co.uk/win8/windows8-secpol-msc.htm
http://technet.microsoft.com/en-us/library/hh994572(v=ws.10).aspx

For info, Local Computer Policy is also known as Local Group Policy in previous versions of Windows.

For Fine-grained password policies apply only to user objects (or inetOrgPerson objects if they are used instead of user objects) and global security groups. This wording is in context of domain instead.

For local policy, it needs user specific Local Group Policy and in this case you will need to use Group Policy Object Editor. Will be good to catch the "Multiple Local Group Policy Scenarios" section in below link

http://technet.microsoft.com/en-us/library/cc766291(v=ws.10).aspx

User-Specific Group Policy
Administrators of stand-alone computers can create new local user accounts. When created, Windows stores these new accounts with the list of built-in groups and users on the local computer. Local administrators can use the last layer of the Local Group Policy object, Per-User Local Group Policy objects, to apply specific policy settings to a specific local user.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
McKnifeCommented:
My answer would have been shorter. Use secpol.msc to set up a pw Policy. Then set the checkbox "pw never expire" on the admin user and you're done.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.