Solved

fine grain policy and password expiration warning

Posted on 2014-03-05
4
1,457 Views
Last Modified: 2014-03-21
We have a fine grain password policy implemented in our domain (require password change every 90 days), That's working fine but now we need to inform users x days out that their password is going to expire.

If we set the domain GPO
interactive logon: Prompt user to change password before expiration
for 10 days will it see the expiration day in the fine grain password policy and inform users 10 days out that their password is going to expire? Or does this setting only work for the default domain password policy? If this setting does not work with fine grain password policy what options do we have for informing the users that their password is going to expire?
0
Comment
Question by:iamuser
4 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 39908770
Should work with PSO ("fine-grained..."), too. Please take a test account, a test PSO and try it out.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 39911258
I saw all the attribute of PSO again but could not find similar that will remind that speicific FGPP user hence the GPO configured in Domain policy should work to FGPP users too
0
 
LVL 4

Expert Comment

by:michaelalphi
ID: 39911724
Hi Iamuser,
You can have check this password expiration reminder software which would be a good choice for you. By using this software, users will get notification through customized emails before their password is about to expire in X days.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39911930
Though you are using FGPP, the password is stored in active directory only

Now if you set GPO to prompt users for password expiration, it must apply to FGPP also as long as it is storing password in active directory

Mahesh
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question