Solved

password policy for particular user group

Posted on 2013-11-17
6
297 Views
Last Modified: 2013-12-05
Dear experts,

I have SBS2011 and I turned password policy off, because every user has limited permission and no remote access.

Now I need to create few admin accounts for some users and enforce password policy for them.


Regards,
Jarda
0
Comment
Question by:JardaCZ
6 Comments
 
LVL 7

Author Comment

by:JardaCZ
ID: 39655672
I figured it out.
I created a security group, add those "special admins" to it.
Just apply that GPO to a computers and set security filtering for that group.

Jarda
0
 
LVL 10

Assisted Solution

by:Pramod Ubhe
Pramod Ubhe earned 100 total points
ID: 39655755
I am not sure about 2011 and how you figured it out but as far as I know, in 2008 you cannot have two separate password policies.
0
 
LVL 7

Author Comment

by:JardaCZ
ID: 39655766
You mean in SBS2008? Even if you create new GPO?

Jarda¨
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 100 total points
ID: 39655769
NO YOU CANT

Only a password policy applied at the domain has any effect and it can't be blocked or filtered
The only way you can do what you want is by using a fine grained password policy
see http://pic.dhe.ibm.com/infocenter/seas/v2r4m1/index.jsp?topic=%2Fcom.ibm.help.seasimplementationguide.doc%2FSEAS_Create_Finegrained_Password_Policy.html

http://www.youtube.com/watch?v=CHvYa-pZRfE
0
 
LVL 7

Assisted Solution

by:joensw
joensw earned 100 total points
ID: 39655779
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 200 total points
ID: 39655782
You can have ONLY ONE password and account lockout policy in ANY 2003 AD Domain.In Windows Server 2008 and above introduces multiple password and account lockout policies through PSOs when the DFL = at least w2k8.Fine Grained Password Policy is for Windows 2008 and above server.
 
AD DS Fine-Grained Password and Account Lockout Policy Step-by-Step Guide
http://technet.microsoft.com/en-us/library/cc770842.aspx
 
AD DS: Fine-Grained Password Policies
http://technet.microsoft.com/en-us/library/cc770394(v=ws.10).aspx


Change the Password Policy - SBS 2011
http://social.technet.microsoft.com/Forums/en-US/6faf6fd6-76ba-4da9-ac2f-a66130750d77/change-the-password-policy-sbs-2011?forum=smallbusinessserver
0

Join & Write a Comment

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now