Solved

GPO not overridding Default Domain policy

Posted on 2013-11-07
5
439 Views
Last Modified: 2013-11-07
Scenario:
2008 domain structure. I have a Default Domain policy defining [computer configuration>Policies>windows settings>security settings>password policy>Max password age = 45]
I have OU created called restricted. I want to have the USERS in that OU have a policy of 30 days. But I want the rest of the settings in the default domain policy to still apply to these users.
I have created the GPO, applied it to the OU, the group policy inheritance tab in Group Policy Management.msc shows the two policies, both are set to Enforce, both are set to Enabled. Precedence 1 is the default domain policy and 2 is the GPO created for that OU. I force AD replciation, do a gpoupdate /force on the users workstation, but rsop.msc still shows the 45 days.

If the order of precedence is Local / Site / Domain / OU what would be preventing that GPO from changing it to 30?

Thanks,
chuck
0
Comment
Question by:fcbc
  • 4
5 Comments
 
LVL 21

Accepted Solution

by:
oleggold earned 500 total points
ID: 39630724
0
 
LVL 21

Assisted Solution

by:oleggold
oleggold earned 500 total points
ID: 39630726
0
 
LVL 21

Assisted Solution

by:oleggold
oleggold earned 500 total points
ID: 39630730
0
 
LVL 21

Assisted Solution

by:oleggold
oleggold earned 500 total points
ID: 39630735
0
 
LVL 70

Expert Comment

by:KCTS
ID: 39630761
You can only have one password policy per domain unless you implement a fine grained password policy
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question